Skip to content
Snippets Groups Projects
Verified Commit ac018bec authored by Nik | Klampfradler's avatar Nik | Klampfradler
Browse files

Move restore_privileges to global scope

parent 16d424b7
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 21 additions and 23 deletions
src/cache.rs
+ 21
23
View file @ ac018bec
...@@ -65,7 +65,6 @@ impl UserInfo { ...@@ -65,7 +65,6 @@ impl UserInfo {
} }
/// Set the information of this user object to that of the process owner /// Set the information of this user object to that of the process owner
// FIXME Move to Cache, with a from_current_user generator method here
pub fn set_current_user(&mut self) { pub fn set_current_user(&mut self) {
self.set_uid(get_original_euid()); self.set_uid(get_original_euid());
} }
...@@ -233,26 +232,6 @@ impl UserInfo { ...@@ -233,26 +232,6 @@ impl UserInfo {
} }
} }
/// Restore privileges to the original process owner by setting EUID to their user ID
// FIXME Move to global scope
fn restore_privileges(&self) {
let current_euid = unsafe {
geteuid()
};
if current_euid != get_original_euid() {
debug!("Restoring privileges");
let res = unsafe {
seteuid(get_original_euid())
};
if res != 0 {
panic!("Could not restore privileges to {}", get_original_euid());
}
} else {
debug!("No need to restore privileges, already running as original user");
}
}
/// Get the XDG base directories for this user /// Get the XDG base directories for this user
fn get_user_xdg_base_directories(&mut self) -> Result<BaseDirectories, io::Error> { fn get_user_xdg_base_directories(&mut self) -> Result<BaseDirectories, io::Error> {
// Save original $HOME for later restore // Save original $HOME for later restore
...@@ -319,7 +298,7 @@ impl UserInfo { ...@@ -319,7 +298,7 @@ impl UserInfo {
}, },
Err(_) => None Err(_) => None
}; };
self.restore_privileges(); restore_privileges();
} }
match &self.access_token { match &self.access_token {
...@@ -355,7 +334,7 @@ impl UserInfo { ...@@ -355,7 +334,7 @@ impl UserInfo {
Err(e) Err(e)
} }
}; };
self.restore_privileges(); restore_privileges();
return res; return res;
} }
} }
...@@ -392,6 +371,25 @@ pub fn set_is_getpwnam_safe(v: bool) { ...@@ -392,6 +371,25 @@ pub fn set_is_getpwnam_safe(v: bool) {
} }
} }
/// Restore privileges to the original process owner by setting EUID to their user ID
fn restore_privileges() {
let current_euid = unsafe {
geteuid()
};
if current_euid != get_original_euid() {
debug!("Restoring privileges");
let res = unsafe {
seteuid(get_original_euid())
};
if res != 0 {
panic!("Could not restore privileges to {}", get_original_euid());
}
} else {
debug!("No need to restore privileges, already running as original user");
}
}
static mut original_euid: uid_t = uid_t::MAX; static mut original_euid: uid_t = uid_t::MAX;
static mut original_euid_set: bool = false; static mut original_euid_set: bool = false;
fn get_original_euid() -> uid_t { fn get_original_euid() -> uid_t {
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment