void mgt_sandbox(void) { #ifdef HAVE_SETPPRIV mgt_sandbox_solaris_init(); #endif if (geteuid() == 0) { XXXAZ(setgid(params->gid)); XXXAZ(setuid(params->uid)); } else { REPORT0(LOG_INFO, "Not running as root, no priv-sep"); } /* On Linux >= 2.4, you need to set the dumpable flag to get core dumps after you have done a setuid. */ #ifdef __linux__ if (prctl(PR_SET_DUMPABLE, 1) != 0) REPORT0(LOG_INFO, "Could not set dumpable bit. Core dumps turned off\n"); #endif #ifdef HAVE_SETPPRIV mgt_sandbox_solaris_fini(); #endif }
mgt_sandbox_solaris(enum sandbox_e who) { mgt_sandbox_solaris_init(who); mgt_sandbox_solaris_privsep(who); mgt_sandbox_solaris_waive(who); }