tKeep setuid/setgid syscalls in main() - partage - File upload system
(HTM) git clone git://git.z3bra.org/partage.git
(DIR) Log
(DIR) Files
(DIR) Refs
(DIR) README
(DIR) LICENSE
---
(DIR) commit 0dd0507f6726df84532eab8003408a1ff98e7ac6
(DIR) parent b34a441051b3ef7bb209b74bb7d37d019d7deb7e
(HTM) Author: Willy Goiffon <dev@z3bra.org>
Date: Tue, 19 Oct 2021 19:39:20 +0200
Keep setuid/setgid syscalls in main()
Diffstat:
M partage.go | 18 ++++++++++--------
1 file changed, 10 insertions(+), 8 deletions(-)
---
(DIR) diff --git a/partage.go b/partage.go
t@@ -265,10 +265,10 @@ func parseconfig(file string) error {
return nil
}
-func dropprivilege(username string, groupname string) error {
+func usergroupids(username string, groupname string) (int, int, error) {
u, err := user.Lookup(username)
if err != nil {
- return err
+ return -1, -1, err
}
uid, _ := strconv.Atoi(u.Uid)
t@@ -277,15 +277,12 @@ func dropprivilege(username string, groupname string) error {
if conf.group != "" {
g, err := user.LookupGroup(groupname)
if err != nil {
- return err
+ return uid, -1, err
}
gid, _ = strconv.Atoi(g.Gid)
}
- syscall.Setuid(uid)
- syscall.Setgid(gid)
-
- return nil
+ return uid, gid, nil
}
func main() {
t@@ -325,7 +322,12 @@ func main() {
if verbose {
log.Printf("Dropping privileges to %s", conf.user)
}
- dropprivilege(conf.user, conf.group)
+ uid, gid, err := usergroupids(conf.user, conf.group)
+ if err != nil {
+ log.Fatal(err)
+ }
+ syscall.Setuid(uid)
+ syscall.Setgid(gid)
}
http.HandleFunc("/", uploader)