aboutsummaryrefslogtreecommitdiff
path: root/src/libmain/shared.cc
diff options
context:
space:
mode:
authorEelco Dolstra <e.dolstra@tudelft.nl>2006-12-06 17:29:10 +0000
committerEelco Dolstra <e.dolstra@tudelft.nl>2006-12-06 17:29:10 +0000
commit751f6d2157a1b89f2463b68a90f8515deb3f942c (patch)
tree1a1bb95535212fdc0646a0385053bf1e635af414 /src/libmain/shared.cc
parent9f0efa6611d010bf2fb88a2f6a583c4f32fd89ac (diff)
* nix-setuid-helper: allow running programs under a different uid.
Diffstat (limited to 'src/libmain/shared.cc')
-rw-r--r--src/libmain/shared.cc13
1 files changed, 2 insertions, 11 deletions
diff --git a/src/libmain/shared.cc b/src/libmain/shared.cc
index 393f31fcd..fa72ca5bc 100644
--- a/src/libmain/shared.cc
+++ b/src/libmain/shared.cc
@@ -14,7 +14,7 @@
#include <aterm2.h>
-extern char * * environ;
+#include "setuid-common.hh"
namespace nix {
@@ -218,20 +218,11 @@ static void setuidInit()
uid_t nixUid = geteuid();
gid_t nixGid = getegid();
- fprintf(stderr, "<<< setuid mode >>>\n");
-
- /* Don't trust the environment. */
- environ = 0;
+ setuidCleanup();
/* Don't trust the current directory. */
if (chdir("/") == -1) abort();
- /* Make sure that file descriptors 0, 1, 2 are open. */
- for (int fd = 0; fd <= 2; ++fd) {
- struct stat st;
- if (fstat(fd, &st) == -1) abort();
- }
-
/* Set the real (and preferably also the save) uid/gid to the
effective uid/gid. This matters mostly when we're not using
build-users (bad!), since some builders (like Perl) complain
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-23 21:59:56 +0000