diff options
| author | Nathan Reiner <nathan@nathanreiner.xyz> | 2023-03-23 20:32:06 +0100 |
|---|---|---|
| committer | Nathan Reiner <nathan@nathanreiner.xyz> | 2023-03-23 20:32:06 +0100 |
| commit | 879cc4f3254e59161506f3857799db8f68a9105f (patch) | |
| tree | 756aa4d76c4b33a8eea4c8c6b856e2444db2dd16 | |
| parent | dace7dca77e9539b5cb459f79c1154d11b3030fe (diff) | |
drop privs after setup
| -rw-r--r-- | wlock.c | 10 |
1 files changed, 8 insertions, 2 deletions
@@ -392,10 +392,16 @@ main(int argc, char *argv[]) disable_oom_killer(); #endif - /* TODO: Drop privileges */ - setup(); + + if (setgroups(0, NULL) < 0) + die("slock: setgroups: %s\n", strerror(errno)); + if (setgid(grp->gr_gid) < 0) + die("slock: setgid: %s\n", strerror(errno)); + if (setuid(pw->pw_uid) < 0) + die("slock: setuid: %s\n", strerror(errno)); + fds[0].fd = wl_display_get_fd(client.display); fds[0].events = POLLIN; fds[1].fd = client.repeat.timer; |