diff options
| author | 0scar <qgt268@alumni.ku.dk> | 2023-02-27 16:26:51 +0000 |
|---|---|---|
| committer | 0scar <qgt268@alumni.ku.dk> | 2024-09-23 20:39:58 +0000 |
| commit | ce69f69a51fa94053c68a92a3fe63525ed132464 (patch) | |
| tree | af7ee58219267808070ae88d65065b4cc480a875 | |
| parent | c2ba92be4ee2e7964d60c3dbbb1b00e66ff28cd2 (diff) | |
Patch: privilege drop
Source:
https://github.com/djpohly/dwl/compare/main...DanielMowitz:privilege-drop.patch
| -rw-r--r-- | dwl.c | 21 |
1 files changed, 15 insertions, 6 deletions
@@ -8,6 +8,7 @@ #include <signal.h> #include <stdio.h> #include <stdlib.h> +#include <sys/types.h> #include <sys/wait.h> #include <time.h> #include <unistd.h> @@ -322,7 +323,7 @@ static void requestdecorationmode(struct wl_listener *listener, void *data); static void requeststartdrag(struct wl_listener *listener, void *data); static void requestmonstate(struct wl_listener *listener, void *data); static void resize(Client *c, struct wlr_box geo, int interact); -static void run(char *startup_cmd); +static void run(char *startup_cmd, uid_t uid); static void setcursor(struct wl_listener *listener, void *data); static void setcursorshape(struct wl_listener *listener, void *data); static void setfloating(Client *c, int floating); @@ -2188,7 +2189,7 @@ resize(Client *c, struct wlr_box geo, int interact) } void -run(char *startup_cmd) +run(char *startup_cmd, uid_t uid) { /* Add a Unix socket to the Wayland display. */ const char *socket = wl_display_add_socket_auto(dpy); @@ -2201,6 +2202,11 @@ run(char *startup_cmd) if (!wlr_backend_start(backend)) die("startup: backend_start"); + /* In case the option is passed, drop priviledges to desired uid */ + if (uid > 0) + setuid(uid); + + /* Now that the socket exists and the backend is started, run the startup command */ if (startup_cmd) { int piperw[2]; @@ -3172,10 +3178,13 @@ int main(int argc, char *argv[]) { char *startup_cmd = NULL; + uid_t uid = 0; int c; - while ((c = getopt(argc, argv, "s:hdv")) != -1) { - if (c == 's') + while ((c = getopt(argc, argv, "u:s:hdv")) != -1) { + if (c == 'u') + uid = atoi(optarg); + else if (c == 's') startup_cmd = optarg; else if (c == 'd') log_level = WLR_DEBUG; @@ -3191,10 +3200,10 @@ main(int argc, char *argv[]) if (!getenv("XDG_RUNTIME_DIR")) die("XDG_RUNTIME_DIR must be set"); setup(); - run(startup_cmd); + run(startup_cmd, uid); cleanup(); return EXIT_SUCCESS; usage: - die("Usage: %s [-v] [-d] [-s startup command]", argv[0]); + die("Usage: %s [-v] [-u uid] [-d] [-s startup command]", argv[0]); } |