Line data    Source code

       1             : /* This file is part of the cmail project (http://cmail.rocks/)
       2             :  * (c) 2015 Fabian "cbdev" Stumpf
       3             :  * License: Simplified BSD (2-Clause)
       4             :  * For further information, consult LICENSE.txt
       5             :  */
       6             : 
       7           0 : int privileges_drop(LOGGER log, USER_PRIVS privileges){
       8           0 :         if(getuid()!=0){
       9           0 :                 logprintf(log, LOG_WARNING, "Not dropping privileges, need root for that\n");
      10           0 :                 return -1;
      11             :         }
      12             : 
      13           0 :         logprintf(log, LOG_INFO, "Dropping privileges...\n");
      14             : 
      15             :         //TODO initgroups
      16             : 
      17           0 :         if(chdir("/")<0){
      18           0 :                 logprintf(log, LOG_ERROR, "Failed to drop privileges (changing directories): %s\n", strerror(errno));
      19           0 :                 return -1;
      20             :         }
      21             : 
      22           0 :         if(setgid(privileges.gid) != 0){
      23           0 :                 logprintf(log, LOG_ERROR, "Failed to drop privileges (changing gid): %s\n", strerror(errno));
      24           0 :                 return -1;
      25             :         }
      26             : 
      27           0 :         if(setuid(privileges.uid) != 0){
      28           0 :                 logprintf(log, LOG_ERROR, "Failed to drop privileges (changing uid): %s\n", strerror(errno));
      29           0 :                 return -1;
      30             :         }
      31             : 
      32             :         //TODO check for success
      33           0 :         return 0;
      34             : }