From 650a576c569f730428676c995cc0c41ac118a7db Mon Sep 17 00:00:00 2001
From: MadMaurice
Date: Fri, 15 Jan 2021 20:22:22 +0100
Subject: [PATCH] Make dropped root privileges permanent

seteuid sets the effective uid but at the same time retains the old effective uid as a so called saved uid, which allows the process to go back to root at a later point in time. As we don't want that, we use the function setresuid and setresgid instead, allowing to set the real, effective and saved uid/gid. We keep the real uid/gid unchanged, but set the effective and saved uid/gid to the value of the real uid. This forbids us to not regain root priviliges.
---
 main.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/main.c b/main.c
index 9563625..548b494 100644
--- a/main.c
+++ b/main.c
@@ -13,15 +13,17 @@ pid_t pid_child;

 void drop_root(void)
 {
+ uid_t uid = getuid();
 // Drop root privileges
- if (seteuid(getuid()) == -1)
+ if (setresuid(-1,uid,uid) == -1)
 {
 int err = errno;
- printf("Failed to drop root privileges with seteuid (%d)\n", err);
+ printf("Failed to drop root privileges with setresuid (%d)\n", err);
 exit(err);
 }

- if (setegid(getgid()) == -1)
+ gid_t gid = getgid();
+ if (setresgid(-1,gid,gid) == -1)
 {
 int err = errno;
 printf("Failed to drop root privileges with setegid (%d)\n", err);
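Review bot: The failure branch after the new `setresgid(-1,gid,gid)` call still prints `Failed to drop root privileges with setegid`, so a failed group drop is logged under the wrong call name; it should read `printf("Failed to drop root privileges with setresgid (%d)\n", err);`. The uid is also dropped before the gid, which appears to work here only because the target is the real gid, which an unprivileged process may still assign. The usual revocation order (CERT POS36-C) is group first, then user, so moving the `setresgid` block above the `setresuid` block would keep `drop_root` correct if the target ids ever change. `setresuid` and `setresgid` are not POSIX and glibc declares them only under `_GNU_SOURCE`; the includes are outside this hunk, so confirm the define precedes `<unistd.h>`. The body of `drop_root` continues past the end of the hunk.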