Greenbone Vulnerability Management Libraries 22.18.1
|
Basic support to drop privileges. More...
#include "drop_privileges.h"
#include <grp.h>
#include <pwd.h>
#include <sys/types.h>
#include <unistd.h>
Macros | |
#define | G_LOG_DOMAIN "libgvm base" |
GLib log domain. | |
Functions | |
static gint | drop_privileges_error (GError **error, gint errorcode, const gchar *message) |
Sets an error and return errorcode . | |
int | drop_privileges (gchar *username, GError **error) |
Drop privileges. | |
Basic support to drop privileges.
#define G_LOG_DOMAIN "libgvm base" |
GLib log domain.
int drop_privileges | ( | gchar * | username, |
GError ** | error ) |
Drop privileges.
We try to drop our (root) privileges and setuid to username
to minimize the risk of privilege escalation. The current implementation is linux-specific and may not work on other platforms.
[in] | username | The user to become. Its safe to pass "NULL", in which case it will default to "nobody". |
[out] | error | Return location for errors or NULL if not interested in errors. |
error
otherwise and returns the error code.
|
static |
Sets an error and return errorcode
.
error | Error to set. |
errorcode | Errorcode (possible values defined in drop_privileges.h), will be returned. |
message | Message to attach to the error. |
errorcode