author | Trond Norbye <Trond.Norbye@sun.com> | 2009-03-03 19:43:04 +0100 |
---|---|---|
committer | Trond Norbye <Trond.Norbye@sun.com> | 2009-03-03 19:43:04 +0100 |
commit | 69aa542709745e7360b0cd9a81d7a407567106c4 (patch) | |
tree | 458fa91389321a9a93b74d605ca0fa693c76c048 /solaris_priv.c | |
parent | f06bd30835a6df5f589892ffa394701273e95934 (diff) | |
download | memcached-69aa542709745e7360b0cd9a81d7a407567106c4.tar.gz |
Drop privileges when running on Solaris
Diffstat (limited to 'solaris_priv.c')
-rw-r--r-- | solaris_priv.c | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/solaris_priv.c b/solaris_priv.c
new file mode 100644
index 0000000..c730eb2
--- /dev/null
+++ b/solaris_priv.c
@@ -0,0 +1,43 @@
+#include <stdlib.h>
+#include <priv.h>
+#include <stdio.h>
+
+/*
+ * this section of code will drop all (Solaris) privileges including
+ * those normally granted to all userland process (basic privileges). The
+ * effect of this is that after running this code, the process will not able
+ * to fork(), exec(), etc. See privileges(5) for more information.
+ */
+void drop_privileges() {
+ priv_set_t *privs = priv_str_to_set("basic", ",", NULL);
+
+ if (privs == NULL) {
+ perror("priv_str_to_set");
+ exit(EXIT_FAILURE);
+ }
+
+ (void)priv_delset(privs, PRIV_FILE_LINK_ANY);
+ (void)priv_delset(privs, PRIV_PROC_EXEC);
+ (void)priv_delset(privs, PRIV_PROC_FORK);
+ (void)priv_delset(privs, PRIV_PROC_INFO);
+ (void)priv_delset(privs, PRIV_PROC_SESSION);
+
+ if (setppriv(PRIV_SET, PRIV_PERMITTED, privs) != 0) {
+ perror("setppriv(PRIV_SET, PRIV_PERMITTED)");
+ exit(EXIT_FAILURE);
+ }
+
+ priv_emptyset(privs);
+
+ if (setppriv(PRIV_SET, PRIV_INHERITABLE, privs) != 0) {
+ perror("setppriv(PRIV_SET, PRIV_INHERITABLE)");
+ exit(EXIT_FAILURE);
+ }
+
+ if (setppriv(PRIV_SET, PRIV_LIMIT, privs) != 0) {
+ perror("setppriv(PRIV_SET, PRIV_LIMIT)");
+ exit(EXIT_FAILURE);
+ }
+
+ priv_freeset(privs);
+} |
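Review bot: The five `priv_delset()` calls in `drop_privileges()` discard their result with `(void)`, so a failed removal would leave that privilege in the set that is then installed as PRIV_PERMITTED, and the process would carry on without the restriction it believes it has. Failure is unlikely with these constants, but every other call in the function exits on error, and the same fail-closed pattern fits here, e.g. `if (priv_delset(privs, PRIV_PROC_FORK) != 0) { perror("priv_delset"); exit(EXIT_FAILURE); }` for each of the five. The header comment also overstates the result: the permitted set keeps whatever else "basic" contains on the running release, so the comment should list the privileges that are removed rather than say "all".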