diff options
author | Andrew Tridgell <tridge@samba.org> | 1998-11-12 07:06:48 +0000 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 1998-11-12 07:06:48 +0000 |
commit | 29e36b713468d7e7de301c483fc340ef42b4a9fb (patch) | |
tree | fd97dcedea842356595ce290c2fb1f95d8448285 /source3/lib | |
parent | 4f368d8b924b76007809e967ac1f37f6a1ebdd68 (diff) | |
download | samba-29e36b713468d7e7de301c483fc340ef42b4a9fb.tar.gz samba-29e36b713468d7e7de301c483fc340ef42b4a9fb.tar.bz2 samba-29e36b713468d7e7de301c483fc340ef42b4a9fb.zip |
extracted the password change code from smbpasswd and used it in swat
instead of opening pipes and other horrible stuff.
(This used to be commit 49bf19710345a59a2d17cd449be1a132885ed821)
Diffstat (limited to 'source3/lib')
-rw-r--r-- | source3/lib/util.c | 53 |
1 files changed, 53 insertions, 0 deletions
diff --git a/source3/lib/util.c b/source3/lib/util.c index 2be1fcaf6f..1710205f3c 100644 --- a/source3/lib/util.c +++ b/source3/lib/util.c @@ -3095,3 +3095,56 @@ BOOL reg_split_key(char *full_keyname, uint32 *reg_type, char *key_name) return True; } + +/**************************************************************************** + become the specified uid - permanently ! +****************************************************************************/ +BOOL become_user_permanently(uid_t uid, gid_t gid) +{ + /* now completely lose our privilages. This is a fairly paranoid + way of doing it, but it does work on all systems that I know of */ + +#ifdef HAVE_SETRESUID + /* + * Firstly ensure all our uids are set to root. + */ + setresgid(0,0,0); + setresuid(0,0,0); + + /* + * Now ensure we change all our gids. + */ + setresgid(gid,gid,gid); + + /* + * Now ensure all the uids are the user. + */ + setresuid(uid,uid,uid); +#else + /* + * Firstly ensure all our uids are set to root. + */ + setuid(0); + seteuid(0); + + /* + * Now ensure we change all our gids. + */ + setgid(gid); + setegid(gid); + + /* + * Now ensure all the uids are the user. + */ + setuid(uid); + seteuid(uid); +#endif + + if (getuid() != uid || geteuid() != uid || + getgid() != gid || getegid() != gid) { + /* We failed to lose our privilages. */ + return False; + } + + return(True); +} |