1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
|
From: Ilias Tsitsimpis <iliastsi@debian.org>
Date: Fri, 4 Aug 2017 17:03:14 +0300
Subject: slock: Do not drop privileges
In Debian, slock does not have the setuid bit.
Forwarded: no (Debian specific)
---
slock/slock.c | 22 ----------------------
1 file changed, 22 deletions(-)
diff --git a/slock/slock.c b/slock/slock.c
index 8f92a1b..b48ea1e 100644
--- a/slock/slock.c
+++ b/slock/slock.c
@@ -310,10 +310,6 @@ int
main(int argc, char **argv) {
struct xrandr rr;
struct lock **locks;
- struct passwd *pwd;
- struct group *grp;
- uid_t duid;
- gid_t dgid;
const char *hash;
Display *dpy;
int s, nlocks, nscreens;
@@ -326,17 +322,6 @@ main(int argc, char **argv) {
usage();
} ARGEND
- /* validate drop-user and -group */
- errno = 0;
- if (!(pwd = getpwnam(user)))
- die("slock: getpwnam %s: %s\n", user,
- errno ? strerror(errno) : "user entry not found");
- duid = pwd->pw_uid;
- errno = 0;
- if (!(grp = getgrnam(group)))
- die("slock: getgrnam %s: %s\n", group,
- errno ? strerror(errno) : "group entry not found");
- dgid = grp->gr_gid;
#ifdef __linux__
dontkillme();
@@ -350,13 +335,6 @@ main(int argc, char **argv) {
if (!(dpy = XOpenDisplay(NULL)))
die("slock: cannot open display\n");
- /* drop privileges */
- if (setgroups(0, NULL) < 0)
- die("slock: setgroups: %s\n", strerror(errno));
- if (setgid(dgid) < 0)
- die("slock: setgid: %s\n", strerror(errno));
- if (setuid(duid) < 0)
- die("slock: setuid: %s\n", strerror(errno));
/* check for Xrandr support */
rr.active = XRRQueryExtension(dpy, &rr.evbase, &rr.errbase);
|
