summaryrefslogtreecommitdiffstats
path: root/runtime/staprun/staprun_funcs.c
diff options
context:
space:
mode:
Diffstat (limited to 'runtime/staprun/staprun_funcs.c')
-rw-r--r--runtime/staprun/staprun_funcs.c15
1 files changed, 14 insertions, 1 deletions
diff --git a/runtime/staprun/staprun_funcs.c b/runtime/staprun/staprun_funcs.c
index 46271146..1ebd124e 100644
--- a/runtime/staprun/staprun_funcs.c
+++ b/runtime/staprun/staprun_funcs.c
@@ -460,8 +460,21 @@ int check_permissions(void)
#endif
/* If we're root, we can do anything. */
- if (getuid() == 0)
+ if (getuid() == 0) {
+ /* ... like overriding the real UID */
+ const char *env_id = getenv("SYSTEMTAP_REAL_UID");
+ if (env_id && setreuid(atoi(env_id), -1))
+ err("WARNING: couldn't set staprun UID to '%s': %s",
+ env_id, strerror(errno));
+
+ /* ... or overriding the real GID */
+ env_id = getenv("SYSTEMTAP_REAL_GID");
+ if (env_id && setregid(atoi(env_id), -1))
+ err("WARNING: couldn't set staprun GID to '%s': %s",
+ env_id, strerror(errno));
+
return 1;
+ }
/* Check permissions for group membership. */
check_groups_rc = check_groups ();
generated by cgit (git 2.34.1) at 2024-06-02 16:20:46 +0000