Permalink
Browse files

drop privileges with --user

  • Loading branch information...
1 parent 2fe271a commit 836991e406dad376bbcc541acacb2679424e673e @wertarbyte committed Feb 1, 2012
Showing with 9 additions and 1 deletion.
  1. +9 −1 handtuch.pl
View
@@ -4,20 +4,22 @@
use strict;
+use POSIX;
use IO::Socket::INET;
use IO::Select;
use Net::DHCP::Packet;
use Net::DHCP::Constants;
use Time::HiRes qw( usleep );
use Getopt::Long;
-my ($n_towels, $n_discoverer, $gateway_string, $gateway, $expire) = (10, 0, undef, undef, 60);
+my ($n_towels, $n_discoverer, $gateway_string, $gateway, $expire, $user) = (10, 0, undef, undef, 60, undef);
GetOptions(
"towels=i" => \$n_towels,
"discoverers=i" => \$n_discoverer,
"gateway=s" => \$gateway_string,
"expire=i" => \$expire,
+ "user=s" => \$user,
) || die "Error parsing command line: $!";
if (defined $gateway_string) {
@@ -43,6 +45,12 @@
LocalPort => 'bootpc',
) or die "client socket: $!";
+if (defined $user) {
+ my $uid = getpwnam($user);
+ unless (defined $uid) {die "Unable to find user $user!\n"};
+ POSIX::setuid($uid) || die "Unable to change to uid $uid ($user)!\n";
+}
+
my $BRDCAST_TO_SERVER = sockaddr_in(67, INADDR_BROADCAST);
my $BRDCAST_TO_CLIENT = sockaddr_in(68, INADDR_BROADCAST);

0 comments on commit 836991e

Please sign in to comment.