Drop privileges after starting threads
This commit is contained in:
Alex Halderman
parent
473b96b1aa
commit
d11eb89768
15
src/zmap.c
15
src/zmap.c
|
|
@ -16,10 +16,12 @@
|
|||
#include <sched.h>
|
||||
#include <errno.h>
|
||||
|
||||
#include <pwd.h>
|
||||
#include <net/if.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/in.h>
|
||||
#include <arpa/inet.h>
|
||||
#include <sys/types.h>
|
||||
|
||||
#include <pcap/pcap.h>
|
||||
|
||||
|
|
@ -106,6 +108,17 @@ static void* start_recv(__attribute__((unused)) void *arg)
|
|||
return NULL;
|
||||
}
|
||||
|
||||
static void drop_privs()
|
||||
{
|
||||
struct passwd *pw;
|
||||
if ((pw = getpwnam("nobody")) != NULL) {
|
||||
if (setuid(pw->pw_uid) == 0) {
|
||||
return; // success
|
||||
}
|
||||
}
|
||||
log_fatal("zmap", "Couldn't change UID to 'nobody'");
|
||||
}
|
||||
|
||||
static void *start_mon(__attribute__((unused)) void *arg)
|
||||
{
|
||||
set_cpu();
|
||||
|
|
@ -261,6 +274,8 @@ static void start_zmap(void)
|
|||
}
|
||||
}
|
||||
|
||||
drop_privs();
|
||||
|
||||
// wait for completion
|
||||
for (int i=0; i < zconf.senders; i++) {
|
||||
int r = pthread_join(tsend[i], NULL);
|
||||
|
|
|
|||
Loading…
Reference in New Issue