41 #include <sys/types.h> 55 drop_privileges_error (GError ** error, gint errorcode,
const gchar * message)
81 struct passwd *user_pw = NULL;
83 g_return_val_if_fail (*error == NULL,
91 if ((user_pw = getpwnam (username)))
93 if (initgroups (username, user_pw->pw_gid) != 0)
94 return drop_privileges_error
97 "Failed to drop supplementary groups privileges!\n");
98 if (setgid (user_pw->pw_gid) != 0)
99 return drop_privileges_error
102 "Failed to drop group privileges!\n");
103 if (setuid (user_pw->pw_uid) != 0)
104 return drop_privileges_error
107 "Failed to drop user privileges!\n");
113 "Failed to get gid and uid for user %s.", username);
120 return drop_privileges_error (error,
122 "Only root can drop its privileges.");
#define OPENVAS_DROP_PRIVILEGES_FAIL_NOT_ROOT
#define OPENVAS_DROP_PRIVILEGES_ERROR_ALREADY_SET
#define OPENVAS_DROP_PRIVILEGES_FAIL_DROP_UID
int drop_privileges(gchar *username, GError **error)
Naive attempt to drop privileges.
#define OPENVAS_DROP_PRIVILEGES_FAIL_DROP_GID
#define OPENVAS_DROP_PRIVILEGES_FAIL_SUPPLEMENTARY
#define OPENVAS_DROP_PRIVILEGES_OK
#define OPENVAS_DROP_PRIVILEGES_FAIL_UNKNOWN_USER
#define OPENVAS_DROP_PRIVILEGES
The GQuark for privilege dropping errors.