1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
|
#include <errno.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include "memcached.h"
/*
* this section of code will drop all (OpenBSD) privileges including
* those normally granted to all userland process (basic privileges). The
* effect of this is that after running this code, the process will not able
* to fork(), exec(), etc. See pledge(2) for more information.
*/
void drop_privileges() {
extern char *__progname;
if (settings.socketpath != NULL) {
if (pledge("stdio unix", NULL) == -1) {
fprintf(stderr, "%s: pledge: %s\n", __progname, strerror(errno));
exit(EXIT_FAILURE);
}
} else {
if (pledge("stdio inet", NULL) == -1) {
fprintf(stderr, "%s: pledge: %s\n", __progname, strerror(errno));
exit(EXIT_FAILURE);
}
}
}
void setup_privilege_violations_handler(void) {
// not needed
}
|
