diff options
author | Hisham Muhammad <hisham@gobolinux.org> | 2017-07-26 15:40:55 -0300 |
---|---|---|
committer | Hisham Muhammad <hisham@gobolinux.org> | 2017-07-26 15:40:55 -0300 |
commit | 543d65c6ab767a53844c28d9e887440dec90da1c (patch) | |
tree | 8f3dd30712aca174dd621f21e35e07a99164db70 /Settings.c | |
parent | f205f7004c2530a499175ad240e0d83e484a0961 (diff) |
Security review: make privilege dropping-restoring optional.
This is/was necessary only on macOS, because you needed root in order
to read the process list. This was never necessary on Linux, and
it also raises security concerns, so now it needs to be enabled
explicitly at build time.
Diffstat (limited to 'Settings.c')
-rw-r--r-- | Settings.c | 19 |
1 files changed, 9 insertions, 10 deletions
@@ -165,11 +165,10 @@ static void readFields(ProcessField* fields, int* flags, const char* line) { static bool Settings_read(Settings* this, const char* fileName) { FILE* fd; - uid_t euid = geteuid(); - - (void) seteuid(getuid()); + + CRT_dropPrivileges(); fd = fopen(fileName, "r"); - (void) seteuid(euid); + CRT_restorePrivileges(); if (!fd) return false; @@ -278,11 +277,11 @@ static void writeMeterModes(Settings* this, FILE* fd, int column) { bool Settings_write(Settings* this) { FILE* fd; - uid_t euid = geteuid(); - (void) seteuid(getuid()); + CRT_dropPrivileges(); fd = fopen(this->filename, "w"); - (void) seteuid(euid); + CRT_restorePrivileges(); + if (fd == NULL) { return false; } @@ -368,8 +367,8 @@ Settings* Settings_new(int cpuCount) { htopDir = String_cat(home, "/.config/htop"); } legacyDotfile = String_cat(home, "/.htoprc"); - uid_t euid = geteuid(); - (void) seteuid(getuid()); + + CRT_dropPrivileges(); (void) mkdir(configDir, 0700); (void) mkdir(htopDir, 0700); free(htopDir); @@ -382,7 +381,7 @@ Settings* Settings_new(int cpuCount) { free(legacyDotfile); legacyDotfile = NULL; } - (void) seteuid(euid); + CRT_restorePrivileges(); } this->colorScheme = 0; this->changed = false; |