diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-06 01:46:30 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-06 01:46:30 +0000 |
commit | b5896ba9f6047e7031e2bdee0622d543e11a6734 (patch) | |
tree | fd7b460593a2fee1be579bec5697e6d887ea3421 /src/util/set_eugid.c | |
parent | Initial commit. (diff) | |
download | postfix-upstream/3.4.23.tar.xz postfix-upstream/3.4.23.zip |
Adding upstream version 3.4.23.upstream/3.4.23upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r-- | src/util/set_eugid.c | 70 |
1 files changed, 70 insertions, 0 deletions
diff --git a/src/util/set_eugid.c b/src/util/set_eugid.c new file mode 100644 index 0000000..ef35380 --- /dev/null +++ b/src/util/set_eugid.c @@ -0,0 +1,70 @@ +/*++ +/* NAME +/* set_eugid 3 +/* SUMMARY +/* set effective user and group attributes +/* SYNOPSIS +/* #include <set_eugid.h> +/* +/* void set_eugid(euid, egid) +/* uid_t euid; +/* gid_t egid; +/* +/* void SAVE_AND_SET_EUGID(uid, gid) +/* uid_t uid; +/* gid_t gid; +/* +/* void RESTORE_SAVED_EUGID() +/* DESCRIPTION +/* set_eugid() sets the effective user and group process attributes +/* and updates the process group access list to be just the specified +/* effective group id. +/* +/* SAVE_AND_SET_EUGID() opens a block that executes with the +/* specified privilege. RESTORE_SAVED_EUGID() closes the block. +/* DIAGNOSTICS +/* All system call errors are fatal. +/* SEE ALSO +/* seteuid(2), setegid(2), setgroups(2) +/* LICENSE +/* .ad +/* .fi +/* The Secure Mailer license must be distributed with this software. +/* AUTHOR(S) +/* Wietse Venema +/* IBM T.J. Watson Research +/* P.O. Box 704 +/* Yorktown Heights, NY 10598, USA +/*--*/ + +/* System library. */ + +#include <sys_defs.h> +#include <unistd.h> +#include <grp.h> +#include <errno.h> + +/* Utility library. */ + +#include "msg.h" +#include "set_eugid.h" + +/* set_eugid - set effective user and group attributes */ + +void set_eugid(uid_t euid, gid_t egid) +{ + int saved_errno = errno; + + if (geteuid() != 0) + if (seteuid(0)) + msg_fatal("set_eugid: seteuid(0): %m"); + if (setegid(egid) < 0) + msg_fatal("set_eugid: setegid(%ld): %m", (long) egid); + if (setgroups(1, &egid) < 0) + msg_fatal("set_eugid: setgroups(%ld): %m", (long) egid); + if (euid != 0 && seteuid(euid) < 0) + msg_fatal("set_eugid: seteuid(%ld): %m", (long) euid); + if (msg_verbose) + msg_info("set_eugid: euid %ld egid %ld", (long) euid, (long) egid); + errno = saved_errno; +} |