zeldon/htop
1
0
Fork 0
mirror of https://github.com/xzeldon/htop.git synced 2025-07-12 04:04:35 +03:00
Code Issues Packages Projects Releases Wiki Activity

Security review: make privilege dropping-restoring optional.

Browse Source 
This is/was necessary only on macOS, because you needed root in order
to read the process list. This was never necessary on Linux, and
it also raises security concerns, so now it needs to be enabled
explicitly at build time.
This commit is contained in:
Hisham Muhammad
2017-07-26 15:40:55 -03:00
parent f205f7004c
commit 543d65c6ab
7 changed files with 92 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
Process.c
View File

@ -522,11 +522,10 @@ void Process_toggleTag(Process* this) {
}
bool Process_setPriority(Process* this, int priority) {
uid_t euid = geteuid();
(void) seteuid(getuid());
CRT_dropPrivileges();
int old_prio = getpriority(PRIO_PROCESS, this->pid);
int err = setpriority(PRIO_PROCESS, this->pid, priority);
(void) seteuid(euid);
CRT_restorePrivileges();
if (err == 0 && old_prio != getpriority(PRIO_PROCESS, this->pid)) {
this->nice = priority;
}
@ -538,10 +537,9 @@ bool Process_changePriorityBy(Process* this, size_t delta) {
}
void Process_sendSignal(Process* this, size_t sgn) {
uid_t euid = geteuid();
(void) seteuid(getuid());
CRT_dropPrivileges();
kill(this->pid, (int) sgn);
(void) seteuid(euid);
CRT_restorePrivileges();
}
long Process_pidCompare(const void* v1, const void* v2) {