Date: Thu, 19 Sep 2013 11:06:58 +0000 (UTC) From: Peter Holm <pho@FreeBSD.org> To: src-committers@freebsd.org, svn-src-user@freebsd.org Subject: svn commit: r255700 - user/pho/stress2/misc Message-ID: <201309191106.r8JB6wDW005001@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: pho Date: Thu Sep 19 11:06:58 2013 New Revision: 255700 URL: http://svnweb.freebsd.org/changeset/base/255700 Log: Use getpwnam() get switch to user "nobody". Sponsored by: EMC / Isilon storage division Modified: user/pho/stress2/misc/syscall4.sh Modified: user/pho/stress2/misc/syscall4.sh ============================================================================== --- user/pho/stress2/misc/syscall4.sh Thu Sep 19 10:56:36 2013 (r255699) +++ user/pho/stress2/misc/syscall4.sh Thu Sep 19 11:06:58 2013 (r255700) @@ -78,6 +78,7 @@ EOF #include <fts.h> #include <libutil.h> #include <pthread.h> +#include <pwd.h> #include <signal.h> #include <sys/socket.h> #include <stdint.h> @@ -114,9 +115,6 @@ int fd[900], fds[2], socketpr[2]; u_int32_t r[N]; int syscallno; -#define UID_NOBODY 65534 -#define GID_NOBODY 65534 - static int random_int(int mi, int ma) { @@ -240,13 +238,18 @@ calls(void *arg __unused) int main(int argc, char **argv) { + struct passwd *pw; pthread_t rp, cp[50]; int i, j; - if (setgid(GID_NOBODY) == -1) - err(1, "setgid(%d)", GID_NOBODY); - if (setuid(UID_NOBODY) == -1) - err(1, "setuid(%d)", UID_NOBODY); + if ((pw = getpwnam("nobody")) == NULL) + err(1, "no such user: nobody"); + + if (setgroups(1, &pw->pw_gid) || + setegid(pw->pw_gid) || setgid(pw->pw_gid) || + seteuid(pw->pw_uid) || setuid(pw->pw_uid)) + err(1, "Can't drop privileges to \"nobody\""); + endpwent(); signal(SIGALRM, hand); signal(SIGILL, hand);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201309191106.r8JB6wDW005001>