"Fossies" - the Fresh Open Source Software Archive

Member "memcached-1.6.15/solaris_priv.c" (21 Feb 2022, 1327 Bytes) of package /linux/www/memcached-1.6.15.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) C and C++ source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file. For more information about "solaris_priv.c" see the Fossies "Dox" file reference documentation.

    1 #include <stdlib.h>
    2 #include <priv.h>
    3 #include <stdio.h>
    4 #include "memcached.h"
    5 
    6 /*
    7  * this section of code will drop all (Solaris) privileges including
    8  * those normally granted to all userland process (basic privileges). The
    9  * effect of this is that after running this code, the process will not able
   10  * to fork(), exec(), etc.  See privileges(5) for more information.
   11  */
   12 void drop_privileges(void) {
   13    priv_set_t *privs = priv_str_to_set("basic", ",", NULL);
   14 
   15    if (privs == NULL) {
   16       perror("priv_str_to_set");
   17       exit(EXIT_FAILURE);
   18    }
   19 
   20    (void)priv_delset(privs, PRIV_FILE_LINK_ANY);
   21    (void)priv_delset(privs, PRIV_PROC_EXEC);
   22    (void)priv_delset(privs, PRIV_PROC_FORK);
   23    (void)priv_delset(privs, PRIV_PROC_INFO);
   24    (void)priv_delset(privs, PRIV_PROC_SESSION);
   25 
   26    if (setppriv(PRIV_SET, PRIV_PERMITTED, privs) != 0) {
   27       perror("setppriv(PRIV_SET, PRIV_PERMITTED)");
   28       exit(EXIT_FAILURE);
   29    }
   30 
   31    priv_emptyset(privs);
   32 
   33    if (setppriv(PRIV_SET, PRIV_INHERITABLE, privs) != 0) {
   34       perror("setppriv(PRIV_SET, PRIV_INHERITABLE)");
   35       exit(EXIT_FAILURE);
   36    }
   37 
   38    if (setppriv(PRIV_SET, PRIV_LIMIT, privs) != 0) {
   39       perror("setppriv(PRIV_SET, PRIV_LIMIT)");
   40       exit(EXIT_FAILURE);
   41    }
   42 
   43    priv_freeset(privs);
   44 }
   45 
   46 void setup_privilege_violations_handler(void) {
   47    // not needed
   48 }