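/* Copyright (C) 2009 Trend Micro Inc.
 * All right reserved.
 *
 * This program is a free software; you can redistribute it
 * and/or modify it under the terms of the GNU General Public
 * License (version 2) as published by the FSF - Free Software
 * Foundation
 */

/* Functions for privilege separation
 *
 * Ordering matters for callers that start privileged: chroot(2) and
 * setgroups(2) normally require privileges that are gone once the UID has
 * been dropped, so the usual sequence is
 *   Privsep_GetUser / Privsep_GetGroup  (name lookups, before the chroot)
 *   Privsep_Chroot
 *   Privsep_SetGroup
 *   Privsep_SetUser
 * Every return value must be checked; continuing after a failed drop leaves
 * the process running with more privilege than intended.
 */

#ifndef WIN32

#include <stdio.h>
#include <pwd.h>
#include <grp.h>
#include <sys/types.h>
#include <unistd.h>

#include "privsep_op.h"
#include "headers/os_err.h"

/* Resolve a user name to its numeric UID.
 *
 * name: account name to look up; NULL is rejected.
 * Returns the UID, or (uid_t)OS_INVALID when the name is NULL or getpwnam()
 * finds no entry. Callers must compare against (uid_t)OS_INVALID before
 * handing the value to Privsep_SetUser().
 */
uid_t Privsep_GetUser(const char *name)
{
    struct passwd *pw;

    /* getpwnam() is not specified for a NULL name; fail instead of crashing */
    if (name == NULL) {
        return ((uid_t)OS_INVALID);
    }

    pw = getpwnam(name);
    if (pw == NULL) {
        return ((uid_t)OS_INVALID);
    }

    /* Only the UID is copied out; the passwd record itself is not retained */
    return (pw->pw_uid);
}

/* Resolve a group name to its numeric GID.
 *
 * name: group name to look up; NULL is rejected.
 * Returns the GID, or (gid_t)OS_INVALID when the name is NULL or getgrnam()
 * finds no entry. Callers must compare against (gid_t)OS_INVALID before
 * handing the value to Privsep_SetGroup().
 */
gid_t Privsep_GetGroup(const char *name)
{
    struct group *grp;

    /* getgrnam() is not specified for a NULL name; fail instead of crashing */
    if (name == NULL) {
        return ((gid_t)OS_INVALID);
    }

    grp = getgrnam(name);
    if (grp == NULL) {
        return ((gid_t)OS_INVALID);
    }

    return (grp->gr_gid);
}

/* Switch the process to the given user.
 *
 * Calls setuid() and, except on HPUX builds, seteuid() with the same UID.
 * Returns OS_SUCCESS when every call succeeds, OS_INVALID otherwise.
 *
 * NOTE(review): the function does not verify afterwards that the old
 * identity cannot be regained; a caller that needs that assurance can
 * compare getuid()/geteuid() with the requested UID after it returns.
 */
int Privsep_SetUser(uid_t uid)
{
    /* Privsep_GetUser() reserves this value as its failure sentinel, so an
     * unchecked failed lookup must never reach setuid(). */
    if (uid == (uid_t)OS_INVALID) {
        return (OS_INVALID);
    }

    if (setuid(uid) < 0) {
        return (OS_INVALID);
    }

#ifndef HPUX
    if (seteuid(uid) < 0) {
        return (OS_INVALID);
    }
#endif

    return (OS_SUCCESS);
}

/* Switch the process to the given group.
 *
 * Replaces the supplementary group list with just this GID, then sets the
 * effective GID (skipped on HPUX builds) and finally setgid(). Call this
 * before Privsep_SetUser(): setgroups() normally fails once the process is
 * no longer privileged.
 * Returns OS_SUCCESS when every call succeeds, OS_INVALID otherwise.
 */
int Privsep_SetGroup(gid_t gid)
{
    /* Privsep_GetGroup() reserves this value as its failure sentinel, so an
     * unchecked failed lookup must never reach setgroups()/setgid(). */
    if (gid == (gid_t)OS_INVALID) {
        return (OS_INVALID);
    }

    /* Drop every inherited supplementary group; leaving them in place would
     * keep group memberships of the starting account. */
    if (setgroups(1, &gid) == -1) {
        return (OS_INVALID);
    }

#ifndef HPUX
    if (setegid(gid) < 0) {
        return (OS_INVALID);
    }
#endif

    if (setgid(gid) < 0) {
        return (OS_INVALID);
    }

    return (OS_SUCCESS);
}

/* Confine the process to the directory tree rooted at path.
 *
 * path: directory that becomes the new root; NULL is rejected.
 * Returns OS_SUCCESS when chdir(path), chroot(path) and chdir("/") all
 * succeed, OS_INVALID otherwise.
 *
 * chroot() by itself is not a complete confinement mechanism: a process that
 * keeps root privileges inside the new root can generally leave it, so the
 * caller is expected to drop group and user IDs right after this returns.
 */
int Privsep_Chroot(const char *path)
{
    if (path == NULL) {
        return (OS_INVALID);
    }

    /* Enter the directory first so the working directory is already inside
     * the tree that is about to become the root. */
    if (chdir(path) < 0) {
        return (OS_INVALID);
    }

    if (chroot(path) < 0) {
        return (OS_INVALID);
    }

    /* Re-anchor the working directory at the new root so that no reference
     * to a location outside it remains as the current directory. */
    if (chdir("/") < 0) {
        return (OS_INVALID);
    }

    return (OS_SUCCESS);
}

#endif /* !WIN32 */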