* [PATCH] only drop privileges if running as root
@ 2007-06-06 17:57 David Zeuthen
2007-06-06 22:57 ` Kay Sievers
0 siblings, 1 reply; 2+ messages in thread
From: David Zeuthen @ 2007-06-06 17:57 UTC (permalink / raw)
To: linux-hotplug
only drop privileges if running as root
Hi Kay, this simple patch fixes problems like this
[davidz@zelda ~]$ ls -l /dev/scd0
brw-rw----+ 1 davidz disk 11, 0 2007-06-06 10:46 /dev/scd0
[davidz@zelda ~]$ /lib/udev/vol_id /dev/scd0
error dropping privileges: Operation not permitted
[davidz@zelda ~]$ sudo /lib/udev/vol_id /dev/scd0
ID_FS_USAGE=filesystem
ID_FS_TYPE=udf
ID_FS_VERSION ID_FS_UUID ID_FS_LABEL=LOST_S1_DISC2_US
ID_FS_LABEL_SAFE=LOST_S1_DISC2_US
where vol_id refuses to probe the device despite the fact that the
calling user have access to it. Please apply.
Signed-Off-By: David Zeuthen <david@fubar.dk>
diff --git a/extras/volume_id/vol_id.c b/extras/volume_id/vol_id.c
index e17e7ab..1c1b94a 100644
--- a/extras/volume_id/vol_id.c
+++ b/extras/volume_id/vol_id.c
@@ -236,19 +236,21 @@ int main(int argc, char *argv[])
size = 0;
dbg("BLKGETSIZE64=%llu", (unsigned long long)size);
- /* try to drop all privileges before reading disk content */
- pw = getpwnam ("nobody");
- if (pw != NULL && pw->pw_uid > 0 && pw->pw_gid > 0) {
- dbg("dropping privileges to %u:%u",
- (unsigned int)pw->pw_uid, (unsigned int)pw->pw_gid);
- if (setgroups(0, NULL) != 0 ||
- setgid(pw->pw_gid) != 0 ||
- setuid(pw->pw_uid) != 0) {
- fprintf(stderr, "error dropping privileges: %s\n", strerror(errno));
- rc = 3;
- goto exit;
- }
- }
+ /* if we're uid 0, try to drop all privileges before reading disk content */
+ if (getuid() = 0) {
+ pw = getpwnam ("nobody");
+ if (pw != NULL && pw->pw_uid > 0 && pw->pw_gid > 0) {
+ dbg("dropping privileges to %u:%u",
+ (unsigned int)pw->pw_uid, (unsigned int)pw->pw_gid);
+ if (setgroups(0, NULL) != 0 ||
+ setgid(pw->pw_gid) != 0 ||
+ setuid(pw->pw_uid) != 0) {
+ fprintf(stderr, "error dropping privileges: %s\n", strerror(errno));
+ rc = 3;
+ goto exit;
+ }
+ }
+ }
if (probe_all) {
volume_id_all_probers(all_probers, vid, 0, size, NULL);
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
Linux-hotplug-devel mailing list http://linux-hotplug.sourceforge.net
Linux-hotplug-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-hotplug-devel
^ permalink raw reply related [flat|nested] 2+ messages in thread
end of thread, other threads:[~2007-06-06 22:57 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2007-06-06 17:57 [PATCH] only drop privileges if running as root David Zeuthen
2007-06-06 22:57 ` Kay Sievers
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).