From 7ef872fd6af76e8747c3d82bf1d5b3c1f815c3ba Mon Sep 17 00:00:00 2001 From: Emil Mikulic Date: Thu, 27 Nov 2003 05:14:55 +0000 Subject: [PATCH] Added handling of --uid. --- trunk/darkhttpd.c | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) diff --git a/trunk/darkhttpd.c b/trunk/darkhttpd.c index 5d29814..017f8e3 100644 --- a/trunk/darkhttpd.c +++ b/trunk/darkhttpd.c @@ -18,7 +18,7 @@ * x Test If-Mod-Since with IE, Phoenix, lynx, links, Opera * x Keep-alive connections. * . Chroot - * . Set{uid|gid}. + * x Set{uid|gid}. * . Port to Win32. * x Detect Content-Type from a list of content types. * x Log Referer, User-Agent. @@ -41,6 +41,7 @@ #include #include #include +#include #include #include #include @@ -991,6 +992,21 @@ static void parse_commandline(const int argc, char *argv[]) else drop_uid = p->pw_uid; } + else if (strcmp(argv[i], "--gid") == 0) + { + struct group *g; + int num; + if (++i >= argc) errx(1, "missing gid after --gid"); + if (!str_to_num(argv[i], &num)) + g = getgrnam(argv[i]); + else + g = getgrgid( (gid_t)num ); + + if (g == NULL) + errx(1, "no such gid: `%s'", argv[i]); + else + drop_gid = g->gr_gid; + } else errx(1, "unknown argument `%s'", argv[i]); } @@ -2073,6 +2089,11 @@ int main(int argc, char *argv[]) err(1, "signal(SIGQUIT)"); /* security */ + if (drop_gid != INVALID_GID) + { + if (setgid(drop_gid) == -1) err(1, "setgid(%d)", drop_gid); + debugf("set gid to %d\n", drop_gid); + } if (drop_uid != INVALID_UID) { if (setuid(drop_uid) == -1) err(1, "setuid(%d)", drop_uid);