From ac018bec61778e98e58d7de00389ac7b6114ca5c Mon Sep 17 00:00:00 2001
From: Dominik George <dominik.george@teckids.org>
Date: Tue, 18 May 2021 23:22:03 +0200
Subject: [PATCH] Move restore_privileges to global scope

---
 src/cache.rs | 44 +++++++++++++++++++++-----------------------
 1 file changed, 21 insertions(+), 23 deletions(-)

diff --git a/src/cache.rs b/src/cache.rs
index 5698a92..470325a 100644
--- a/src/cache.rs
+++ b/src/cache.rs
@@ -65,7 +65,6 @@ impl UserInfo {
     }
 
     /// Set the information of this user object to that of the process owner
-    // FIXME Move to Cache, with a from_current_user generator method here
     pub fn set_current_user(&mut self) {
         self.set_uid(get_original_euid());
     }
@@ -233,26 +232,6 @@ impl UserInfo {
         }
     }
 
-    /// Restore privileges to the original process owner by setting EUID to their user ID
-    // FIXME Move to global scope
-    fn restore_privileges(&self) {
-        let current_euid = unsafe {
-            geteuid()
-        };
-
-        if current_euid != get_original_euid() {
-            debug!("Restoring privileges");
-            let res = unsafe {
-                seteuid(get_original_euid())
-            };
-            if res != 0 {
-                panic!("Could not restore privileges to {}", get_original_euid());
-            }
-        } else {
-            debug!("No need to restore privileges, already running as original user");
-        }
-    }
-
     /// Get the XDG base directories for this user
     fn get_user_xdg_base_directories(&mut self) -> Result<BaseDirectories, io::Error> {
         // Save original $HOME for later restore
@@ -319,7 +298,7 @@ impl UserInfo {
                 },
                 Err(_) => None
             };
-            self.restore_privileges();
+            restore_privileges();
         }
 
         match &self.access_token {
@@ -355,7 +334,7 @@ impl UserInfo {
                 Err(e)
             }
         };
-        self.restore_privileges();
+        restore_privileges();
         return res;
     }
 }
@@ -392,6 +371,25 @@ pub fn set_is_getpwnam_safe(v: bool) {
     }
 }
 
+/// Restore privileges to the original process owner by setting EUID to their user ID
+fn restore_privileges() {
+    let current_euid = unsafe {
+        geteuid()
+    };
+
+    if current_euid != get_original_euid() {
+        debug!("Restoring privileges");
+        let res = unsafe {
+            seteuid(get_original_euid())
+        };
+        if res != 0 {
+            panic!("Could not restore privileges to {}", get_original_euid());
+        }
+    } else {
+        debug!("No need to restore privileges, already running as original user");
+    }
+}
+
 static mut original_euid: uid_t = uid_t::MAX;
 static mut original_euid_set: bool = false;
 fn get_original_euid() -> uid_t {
-- 
GitLab