static void cl_coredump_signal_handler(int nsig) { return_to_orig_privs(); if (geteuid() == 0) { /* Put ALL privileges back to root... */ if (setuid(0) < 0) { cl_perror("cl_coredump_signal_handler: unable to setuid(0)"); } } cl_untaint_coredumps(); /* Do the best we know how to do... */ CL_SIGNAL(nsig, SIG_DFL); kill(getpid(), nsig); }
int /* Become nobody - and remember our original privileges */ drop_privs(uid_t uid, gid_t gid) { int rc; gid_t curgid = getgid(); if (!anysaveduid) { poweruid=getuid(); powergid=curgid; } if (WANT_NOBODY(uid)) { struct passwd* p; p = getpwnam(NOBODY); if (p == NULL) { return -1; } uid = p->pw_uid; gid = p->pw_gid; } if (setegid(gid) < 0) { return -1; } rc = seteuid(uid); if (rc >= 0) { anysaveduid = 1; nobodyuid=uid; nobodygid=gid; privileged_state = 0; }else{ /* Attempt to recover original privileges */ int err = errno; setegid(curgid); errno = err; } cl_untaint_coredumps(); return rc; }