Drop privileges after starting threads

This commit is contained in:
Alex Halderman 2013-08-30 14:48:56 -04:00
parent 473b96b1aa
commit d11eb89768

View File

@ -16,10 +16,12 @@
#include <sched.h> #include <sched.h>
#include <errno.h> #include <errno.h>
#include <pwd.h>
#include <net/if.h> #include <net/if.h>
#include <sys/socket.h> #include <sys/socket.h>
#include <netinet/in.h> #include <netinet/in.h>
#include <arpa/inet.h> #include <arpa/inet.h>
#include <sys/types.h>
#include <pcap/pcap.h> #include <pcap/pcap.h>
@ -106,6 +108,17 @@ static void* start_recv(__attribute__((unused)) void *arg)
return NULL; return NULL;
} }
static void drop_privs()
{
struct passwd *pw;
if ((pw = getpwnam("nobody")) != NULL) {
if (setuid(pw->pw_uid) == 0) {
return; // success
}
}
log_fatal("zmap", "Couldn't change UID to 'nobody'");
}
static void *start_mon(__attribute__((unused)) void *arg) static void *start_mon(__attribute__((unused)) void *arg)
{ {
set_cpu(); set_cpu();
@ -261,6 +274,8 @@ static void start_zmap(void)
} }
} }
drop_privs();
// wait for completion // wait for completion
for (int i=0; i < zconf.senders; i++) { for (int i=0; i < zconf.senders; i++) {
int r = pthread_join(tsend[i], NULL); int r = pthread_join(tsend[i], NULL);