summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--daemon/main.c51
1 files changed, 27 insertions, 24 deletions
diff --git a/daemon/main.c b/daemon/main.c
index 0557f0e..363f3d5 100644
--- a/daemon/main.c
+++ b/daemon/main.c
@@ -525,32 +525,35 @@ int main(int argc, char *argv[])
res = -1;
goto terminate;
}
+ if (pw->pw_uid == 0) {
+ usbmuxd_log(LL_INFO, "Not dropping privileges to root");
+ } else {
+ if ((res = initgroups(drop_user, pw->pw_gid)) < 0) {
+ usbmuxd_log(LL_FATAL, "Failed to drop privileges (cannot set supplementary groups)");
+ goto terminate;
+ }
+ if ((res = setgid(pw->pw_gid)) < 0) {
+ usbmuxd_log(LL_FATAL, "Failed to drop privileges (cannot set group ID to %d)", pw->pw_gid);
+ goto terminate;
+ }
+ if ((res = setuid(pw->pw_uid)) < 0) {
+ usbmuxd_log(LL_FATAL, "Failed to drop privileges (cannot set user ID to %d)", pw->pw_uid);
+ goto terminate;
+ }
- if ((res = initgroups(drop_user, pw->pw_gid)) < 0) {
- usbmuxd_log(LL_FATAL, "Failed to drop privileges (cannot set supplementary groups)");
- goto terminate;
- }
- if ((res = setgid(pw->pw_gid)) < 0) {
- usbmuxd_log(LL_FATAL, "Failed to drop privileges (cannot set group ID to %d)", pw->pw_gid);
- goto terminate;
- }
- if ((res = setuid(pw->pw_uid)) < 0) {
- usbmuxd_log(LL_FATAL, "Failed to drop privileges (cannot set user ID to %d)", pw->pw_uid);
- goto terminate;
- }
-
- // security check
- if (setuid(0) != -1) {
- usbmuxd_log(LL_FATAL, "Failed to drop privileges properly!");
- res = -1;
- goto terminate;
- }
- if (getuid() != pw->pw_uid || getgid() != pw->pw_gid) {
- usbmuxd_log(LL_FATAL, "Failed to drop privileges properly!");
- res = -1;
- goto terminate;
+ // security check
+ if (setuid(0) != -1) {
+ usbmuxd_log(LL_FATAL, "Failed to drop privileges properly!");
+ res = -1;
+ goto terminate;
+ }
+ if (getuid() != pw->pw_uid || getgid() != pw->pw_gid) {
+ usbmuxd_log(LL_FATAL, "Failed to drop privileges properly!");
+ res = -1;
+ goto terminate;
+ }
+ usbmuxd_log(LL_NOTICE, "Successfully dropped privileges to '%s'", drop_user);
}
- usbmuxd_log(LL_NOTICE, "Successfully dropped privileges to '%s'", drop_user);
}
client_init();