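/***
  This file is part of PulseAudio.

  Copyright 2004-2006 Lennart Poettering
  Copyright 2006 Pierre Ossman <ossman@cendio.se> for Cendio AB

  PulseAudio is free software; you can redistribute it and/or modify
  it under the terms of the GNU Lesser General Public License as published
  by the Free Software Foundation; either version 2.1 of the License,
  or (at your option) any later version.

  PulseAudio is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with PulseAudio; if not, see <http://www.gnu.org/licenses/>.
***/

#ifdef HAVE_CONFIG_H
#include <config.h>
#endif

#include <unistd.h>
#include <errno.h>
#include <sys/types.h>

#include <pulsecore/i18n.h>
#include <pulsecore/macro.h>
#include <pulsecore/log.h>

#ifdef HAVE_SYS_CAPABILITY_H
#include <sys/capability.h>
#endif

#include "caps.h"

/* Glibc <= 2.2 has broken unistd.h */
#if defined(__linux__) && (__GLIBC__ <= 2 && __GLIBC_MINOR__ <= 2)
int setresgid(gid_t r, gid_t e, gid_t s);
int setresuid(uid_t r, uid_t e, uid_t s);
#endif

/*
 * Drop root rights when called SUID root.
 *
 * Sets the process's user and group IDs to the real UID and real GID it was
 * started with, re-reads the real and effective IDs to confirm the change,
 * and, when the real UID is not 0, also calls pa_drop_caps().
 *
 * Every step is wrapped in pa_assert_se(), so a failed call is not reported
 * to the caller through a return value.
 * NOTE(review): pa_assert_se presumably evaluates its expression in every
 * build and aborts on failure; confirm in pulsecore/macro.h.
 *
 * The function body is empty when HAVE_GETUID is not defined.
 * Supplementary groups are not touched here.
 */
void pa_drop_root(void) {

#ifdef HAVE_GETUID
    uid_t uid;
    gid_t gid;

    pa_log_debug("Cleaning up privileges.");
    uid = getuid();
    gid = getgid();

    /* Group IDs are changed before user IDs. While the effective UID is
     * still 0 the group calls run with privilege and can reset the real,
     * effective and saved set-group-ID together. Once the UID has been given
     * up, POSIX setgid() only changes the effective GID and leaves the saved
     * set-group-ID as it was, which matters for the plain setgid() fallback
     * below. */
#if defined(HAVE_SETRESUID)
    pa_assert_se(setresgid(gid, gid, gid) >= 0);
    pa_assert_se(setresuid(uid, uid, uid) >= 0);
#elif defined(HAVE_SETREUID)
    pa_assert_se(setregid(gid, gid) >= 0);
    pa_assert_se(setreuid(uid, uid) >= 0);
#else
    pa_assert_se(setgid(gid) >= 0);
    pa_assert_se(setegid(gid) >= 0);
    pa_assert_se(setuid(uid) >= 0);
    pa_assert_se(seteuid(uid) >= 0);
#endif

    /* Confirm that the IDs really changed instead of trusting the return
     * codes alone. Only the real and effective IDs are checked; the saved
     * IDs are not read back here. */
    pa_assert_se(getuid() == uid);
    pa_assert_se(geteuid() == uid);
    pa_assert_se(getgid() == gid);
    pa_assert_se(getegid() == gid);

    /* Capabilities are only cleared when the real user is not root. */
    if (uid != 0)
        pa_drop_caps();
#endif
}

/*
 * Drop all capabilities of the calling process.
 *
 * On Linux with sys/capability.h available, an empty capability set is
 * created, applied to the process with cap_set_proc() and freed again; each
 * step is wrapped in pa_assert_se(). On FreeBSD, and in builds without
 * sys/capability.h, nothing is dropped and only a warning is logged, so the
 * caller cannot tell from this function whether capabilities were removed.
 */
void pa_drop_caps(void) {
#ifdef HAVE_SYS_CAPABILITY_H
#if defined(__linux__)
    cap_t caps;
    pa_assert_se(caps = cap_init());
    pa_assert_se(cap_clear(caps) == 0);
    pa_assert_se(cap_set_proc(caps) == 0);
    pa_assert_se(cap_free(caps) == 0);
#elif defined(__FreeBSD__) || defined(__FreeBSD_kernel__)
    /* FreeBSD doesn't have this functionality, even though sys/capability.h is
     * available. See https://bugs.freedesktop.org/show_bug.cgi?id=72580 */
    pa_log_warn("FreeBSD cannot drop extra capabilities, implementation needed.");
#else
#error "Don't know how to do capabilities on your system. Please send a patch."
#endif /* __linux__ */
#else /* HAVE_SYS_CAPABILITY_H */
    pa_log_warn("Normally all extra capabilities would be dropped now, but "
                "that's impossible because PulseAudio was built without "
                "capabilities support.");
#endif
}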