From 543d65c6ab767a53844c28d9e887440dec90da1c Mon Sep 17 00:00:00 2001 From: Hisham Muhammad Date: Wed, 26 Jul 2017 15:40:55 -0300 Subject: Security review: make privilege dropping-restoring optional. This is/was necessary only on macOS, because you needed root in order to read the process list. This was never necessary on Linux, and it also raises security concerns, so now it needs to be enabled explicitly at build time. --- CRT.h | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) (limited to 'CRT.h') diff --git a/CRT.h b/CRT.h index 6391e890..590fff6e 100644 --- a/CRT.h +++ b/CRT.h @@ -9,6 +9,9 @@ Released under the GNU GPL, see the COPYING file in the source distribution for its full text. */ +#if HAVE_SETUID_ENABLED +#endif + #define ColorIndex(i,j) ((7-i)*8+j) #define ColorPair(i,j) COLOR_PAIR(ColorIndex(i,j)) @@ -154,6 +157,25 @@ extern int CRT_colorScheme; void *backtraceArray[128]; +#if HAVE_SETUID_ENABLED + +#define DIE(msg) do { CRT_done(); fprintf(stderr, msg); exit(1); } while(0) + +void CRT_dropPrivileges(); + +void CRT_restorePrivileges(); + +#else + +/* Turn setuid operations into NOPs */ + +#ifndef CRT_dropPrivileges +#define CRT_dropPrivileges() +#define CRT_restorePrivileges() +#endif + +#endif + // TODO: pass an instance of Settings instead. void CRT_init(int delay, int colorScheme); -- cgit v1.2.3