2023-02-13 19:26:52 +00:00
|
|
|
// +build linux,go1.16 aix darwin dragonfly freebsd illumos netbsd openbsd solaris
|
|
|
|
|
|
|
|
|
|
package main
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"log"
|
|
|
|
|
"os"
|
|
|
|
|
"strconv"
|
|
|
|
|
"syscall"
|
|
|
|
|
)
|
|
|
|
|
|
2023-02-15 20:10:22 +00:00
|
|
|
func DropPrivs(config Config, nobody_uid int, errorLog *log.Logger) {
|
2023-02-13 19:26:52 +00:00
|
|
|
|
|
|
|
|
// Get our real and effective UIDs
|
|
|
|
|
uid := os.Getuid()
|
|
|
|
|
euid := os.Geteuid()
|
|
|
|
|
|
2023-02-15 20:10:22 +00:00
|
|
|
// Are we root or are we running as a setuid binary?
|
|
|
|
|
if uid == 0 || uid != euid {
|
|
|
|
|
err := syscall.Setuid(nobody_uid)
|
2023-02-13 19:26:52 +00:00
|
|
|
if err != nil {
|
2023-02-15 20:10:22 +00:00
|
|
|
errorLog.Println("Could not setuid to " + strconv.Itoa(uid) + ": " + err.Error())
|
2023-02-13 19:26:52 +00:00
|
|
|
log.Fatal(err)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
}
|
