1 /* Copyright (c) 2005-2010, Michael Santos <michael.santos@gmail.com>
2 * All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 *
8 * Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 *
11 * Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 *
15 * Neither the name of the author nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
20 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
21 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
22 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
23 * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
24 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
25 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
26 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
27 * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
29 * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30 * POSSIBILITY OF SUCH DAMAGE.
31 */
32
33 /*
34 * rst: TCP connect reset utility
35 *
36 * Aggressively resets TCP connections using TCP RST's or
37 * ICMP.
38 *
39 */
40 #include <sys/types.h>
41 #include <pwd.h>
42 #include <grp.h>
43
44 #include "rst.h"
45
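/*
 * rst_priv_drop: chroot into `path`, then switch to the unprivileged
 * `user`/`group`.
 *
 * user, group: account and group names. Both are resolved with
 *              getpwnam()/getgrnam() before chroot(), while the system
 *              databases are still reachable.
 * path:        directory passed to chroot().
 *
 * Returns 0 on success and -1 on any failure. A failure after chroot()
 * has succeeded leaves the process confined but not yet unprivileged, so
 * callers should treat -1 as fatal rather than continue.
 *
 * NOTE(review): only uid 0 is rejected; a group that resolves to gid 0 is
 * still accepted. Confirm that is intended.
 */
int
rst_priv_drop(char *user, char *group, char *path)
{
    uid_t uid = 0;
    gid_t gid = 0;

    struct passwd *pwd = NULL;
    struct group *gr = NULL;

    /* chroot(NULL) would only fail with an unhelpful errno; reject it here. */
    if ( (user == NULL) || (group == NULL) || (path == NULL))
        return (-1);

    if ( (pwd = getpwnam(user)) == NULL) {
        warnx("user does not exist: %s", user);
        return (-1);
    }
    /* Copy the id out now: later lookups may reuse the static result buffer. */
    uid = pwd->pw_uid;

    if ( (gr = getgrnam(group)) == NULL) {
        warnx("group does not exist: %s", group);
        return (-1);
    }
    gid = gr->gr_gid;

    /* Disallow running as root */
    if (uid == 0) {
        warnx("refusing to running as root");
        return (-1);
    }

    if (chroot(path) != 0) {
        /* Report the directory actually used, together with errno. */
        warn("could not chroot: %s", path);
        return (-1);
    }

    /* Without this the working directory may still point outside the chroot. */
    if (chdir("/") != 0) {
        warn("could not change to / in chroot");
        return (-1);
    }

    /*
     * Replace the supplementary group list inherited from the caller.
     * setgid()/setuid() leave it untouched, so the process would otherwise
     * keep every group membership it started with.
     */
    if (setgroups(1, &gid) != 0) {
        warn("could not drop supplementary groups");
        return (-1);
    }

    /* Groups first: once the uid is dropped, changing groups is not permitted. */
    if (setgid(gid) != 0) {
        warnx("could not drop group privs");
        return (-1);
    }

    if (setuid(uid) != 0) {
        warnx("could not drop user privs");
        return (-1);
    }

    return (0);
}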