spkp

Stacking wayland compositor
git clone git://git.z3bra.org/sp:kp.git
Log | Files | Refs

commit f8c6fea6bb1813f6e180c792abbdccda07596d8f
parent b8473ae7484a34f82ef3d7bebdaf2a3fef9c91bf
Author: Willy Goiffon <dev@z3bra.org>
Date:   Sat, 14 Nov 2020 13:52:11 +0100

Drop privileges early when running with setuid()

Diffstat:
Mcompositor.c | 23++++++++++++++++++++++-
1 file changed, 22 insertions(+), 1 deletion(-)

diff --git a/compositor.c b/compositor.c @@ -197,6 +197,7 @@ static void add_pointer(struct state *, struct wlr_input_device *); static void render(struct wlr_surface *, int, int, void *); static void render_border(struct wlr_box *, struct rdata *, int); static void focus(struct window *); +static int dropprivilege(); static int keybinding(struct state *, uint32_t, uint32_t, enum wlr_key_state); static struct window *underneath(struct state *, double, double); @@ -978,6 +979,22 @@ focus(struct window *window) } /* + * Drop current privileges to run as current user. + */ +int +dropprivilege() +{ + if (getuid() == geteuid() && getgid() == getegid()) + return 1; + + if (!setgid(getgid()) && !setuid(getuid())) + return 1; + + return 0; +} + + +/* * Execute specific functions when an modifier/key combination is pressed. */ int @@ -1137,10 +1154,14 @@ main(int argc, char *argv[]) * create server side resources */ server.dpy = wl_display_create(); + server.backend = wlr_backend_autocreate(server.dpy, NULL); + + if (!dropprivilege()) + return -1; + server.seat = wlr_seat_create(server.dpy, "seat0"); server.shell = wlr_xdg_shell_create(server.dpy); server.layout = wlr_output_layout_create(); - server.backend = wlr_backend_autocreate(server.dpy, NULL); server.renderer = wlr_backend_get_renderer(server.backend); server.chrome_mgr = wlr_xdg_decoration_manager_v1_create(server.dpy);