diff options
author | Chris Kuethe <chris.kuethe@gmail.com> | 2006-12-15 05:13:32 +0000 |
---|---|---|
committer | Chris Kuethe <chris.kuethe@gmail.com> | 2006-12-15 05:13:32 +0000 |
commit | 344f11dca17028ae98a96732cf96b143add6946e (patch) | |
tree | f29ab84c077058c1db813e9d1224874ebf703802 /gpsd.c | |
parent | ff65bffdc2416bca7d66367b33a57b73734da003 (diff) | |
download | gpsd-344f11dca17028ae98a96732cf96b143add6946e.tar.gz |
add a --enable-gpsd-user configure option.
if unspecified, gpsd will retain its current behaviour: dropping to
"nobody".
Diffstat (limited to 'gpsd.c')
-rw-r--r-- | gpsd.c | 11 |
1 files changed, 6 insertions, 5 deletions
@@ -1374,17 +1374,18 @@ int main(int argc, char *argv[]) (void)chmod(argv[i], stb.st_mode|S_IRGRP|S_IWGRP); /* * Drop privileges. Up to now we've been running as root. Instead, - * set the user ID to 'nobody' and the group ID to the owning group - * of a prototypical TTY device. This limits the scope of any - * compromises in the code. It requires that all GPS devices have - * their group read/write permissions set. + * set the user ID to 'nobody' (or whatever the --enable-gpsd-user + * is) and the group ID to the owning group of a prototypical TTY + * device. This limits the scope of any compromises in the code. + * It requires that all GPS devices have their group read/write + * permissions set. */ if ((optind<argc&&stat(argv[optind], &stb)==0)||stat(PROTO_TTY,&stb)==0) { gpsd_report(LOG_PROG, "changing to group %d\n", stb.st_gid); if (setgid(stb.st_gid) != 0) gpsd_report(LOG_ERROR, "setgid() failed, errno %s\n", strerror(errno)); } - pw = getpwnam("nobody"); + pw = getpwnam( GPSD_USER ); if (pw) (void)seteuid(pw->pw_uid); } |