diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2001-09-15 02:10:22 +0000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2001-09-15 02:10:22 +0000 |
| commit | bc1385fc5e55eeed626615fad92877296064a27e (patch) | |
| tree | 4ddc16fd3c0bad027e721d898fe9dd2a35ce93e4 | |
| parent | d47016de52e9e5c468edf4c87dc60535a9796b99 (diff) | |
| download | samba-bc1385fc5e55eeed626615fad92877296064a27e.tar.gz samba-bc1385fc5e55eeed626615fad92877296064a27e.tar.xz samba-bc1385fc5e55eeed626615fad92877296064a27e.zip | |
Restore the profiling data shmem parinoia. This whole area needs to be
fixed - an mmaped file or the like would be a good idea.
| -rw-r--r-- | source/lib/util_sec.c | 10 | ||||
| -rw-r--r-- | source/profile/profile.c | 6 |
2 files changed, 12 insertions, 4 deletions
diff --git a/source/lib/util_sec.c b/source/lib/util_sec.c index 985b07f421d..231f0b178da 100644 --- a/source/lib/util_sec.c +++ b/source/lib/util_sec.c @@ -48,6 +48,7 @@ extern int DEBUGLEVEL; /* are we running as non-root? This is used by the regresison test code, and potentially also for sites that want non-root smbd */ static uid_t initial_uid; +static gid_t initial_gid; /**************************************************************************** remember what uid we got started as - this allows us to run correctly @@ -56,6 +57,7 @@ as non-root while catching trapdoor systems void sec_init(void) { initial_uid = geteuid(); + initial_gid = getegid(); } /**************************************************************************** @@ -67,6 +69,14 @@ uid_t sec_initial_uid(void) } /**************************************************************************** +some code (eg. winbindd, profiling shm) needs to know what gid we started as +****************************************************************************/ +gid_t sec_initial_gid(void) +{ + return initial_gid; +} + +/**************************************************************************** are we running in non-root mode? ****************************************************************************/ BOOL non_root_mode(void) diff --git a/source/profile/profile.c b/source/profile/profile.c index 430732c6f86..5ddc72c490c 100644 --- a/source/profile/profile.c +++ b/source/profile/profile.c @@ -130,12 +130,10 @@ BOOL profile_setup(BOOL rdonly) return False; } -#if 0 - if (shm_ds.shm_perm.cuid != 0 || shm_ds.shm_perm.cgid != 0) { - DEBUG(0,("ERROR: root did not create the shmem\n")); + if (shm_ds.shm_perm.cuid != sec_initial_uid() || shm_ds.shm_perm.cgid != sec_initial_gid()) { + DEBUG(0,("ERROR: we did not create the shmem (owned by another user)\n")); return False; } -#endif if (shm_ds.shm_segsz != sizeof(*profile_h)) { DEBUG(0,("WARNING: profile size is %d (expected %d). Deleting\n", |