~yolanda.robla/ubuntu/trusty/memcached/add_distribution


Viewing changes to solaris_priv.c

  • Committer: Bazaar Package Importer
  • Author(s): David Martínez Moreno
  • Date: 2009-08-01 23:26:45 UTC
  • mto: (3.3.1 squeeze) (1.4.2 upstream)
  • mto: This revision was merged to the branch mainline in revision 8.
  • Revision ID: james.westby@ubuntu.com-20090801232645-g57xdaf3zal53qcl
Tags: upstream-1.4.0
Import upstream version 1.4.0


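--- a/solaris_priv.c
+++ b/solaris_priv.c
@@ -0,0 +1,43 @@
+#include <stdlib.h>
+#include <priv.h>
+#include <stdio.h>
+
+/*
+ * this section of code will drop all (Solaris) privileges including
+ * those normally granted to all userland process (basic privileges). The
+ * effect of this is that after running this code, the process will not able
+ * to fork(), exec(), etc.  See privileges(5) for more information.
+ */
+void drop_privileges() {
+   priv_set_t *privs = priv_str_to_set("basic", ",", NULL);
+
+   if (privs == NULL) {
+      perror("priv_str_to_set");
+      exit(EXIT_FAILURE);
+   }
+
+   (void)priv_delset(privs, PRIV_FILE_LINK_ANY);
+   (void)priv_delset(privs, PRIV_PROC_EXEC);
+   (void)priv_delset(privs, PRIV_PROC_FORK);
+   (void)priv_delset(privs, PRIV_PROC_INFO);
+   (void)priv_delset(privs, PRIV_PROC_SESSION);
+
+   if (setppriv(PRIV_SET, PRIV_PERMITTED, privs) != 0) {
+      perror("setppriv(PRIV_SET, PRIV_PERMITTED)");
+      exit(EXIT_FAILURE);
+   }
+
+   priv_emptyset(privs);
+
+   if (setppriv(PRIV_SET, PRIV_INHERITABLE, privs) != 0) {
+      perror("setppriv(PRIV_SET, PRIV_INHERITABLE)");
+      exit(EXIT_FAILURE);
+   }
+
+   if (setppriv(PRIV_SET, PRIV_LIMIT, privs) != 0) {
+      perror("setppriv(PRIV_SET, PRIV_LIMIT)");
+      exit(EXIT_FAILURE);
+   }
+
+   priv_freeset(privs);
+}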
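Review bot: The five `priv_delset()` calls in `drop_privileges` discard their return value, so if any of them fails the corresponding privilege stays in the set handed to `setppriv(PRIV_SET, PRIV_PERMITTED, privs)` and the process carries on holding it. Each call should fail closed like the `setppriv()` calls around it, e.g. `if (priv_delset(privs, PRIV_PROC_EXEC) != 0) { perror("priv_delset"); exit(EXIT_FAILURE); }`. The header comment also overstates the result: the permitted set is "basic" minus those five privileges, so every other member of the basic set is retained, presumably including anything a given Solaris release adds to basic. The comment should list what is removed and say that the rest of basic is kept, rather than claim all privileges are dropped. As a smaller style point, `void drop_privileges()` would be better declared as `void drop_privileges(void)`.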