diff options
author | Hisham Muhammad <hisham@gobolinux.org> | 2017-07-26 15:40:55 -0300 |
---|---|---|
committer | Hisham Muhammad <hisham@gobolinux.org> | 2017-07-26 15:40:55 -0300 |
commit | 543d65c6ab767a53844c28d9e887440dec90da1c (patch) | |
tree | 8f3dd30712aca174dd621f21e35e07a99164db70 /configure.ac | |
parent | f205f7004c2530a499175ad240e0d83e484a0961 (diff) |
Security review: make privilege dropping-restoring optional.
This is/was necessary only on macOS, because you needed root in order
to read the process list. This was never necessary on Linux, and
it also raises security concerns, so now it needs to be enabled
explicitly at build time.
Diffstat (limited to 'configure.ac')
-rw-r--r-- | configure.ac | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/configure.ac b/configure.ac index 225c6d85..9931f3a4 100644 --- a/configure.ac +++ b/configure.ac @@ -253,6 +253,12 @@ then AC_CHECK_HEADERS([hwloc.h],[:], [missing_headers="$missing_headers $ac_header"]) fi +AC_ARG_ENABLE(setuid, [AS_HELP_STRING([--enable-setuid], [enable setuid support for platforms that need it])],, enable_setuid="no") +if test "x$enable_setuid" = xyes +then + AC_DEFINE(HAVE_SETUID_ENABLED, 1, [Define if setuid support should be enabled.]) +fi + # Bail out on errors. # ---------------------------------------------------------------------- if test ! -z "$missing_libraries"; then |