From a73064dda97d751047748c4539a969495bdadf73 Mon Sep 17 00:00:00 2001
From: Benny Baumann <BenBE@geshi.org>
Date: Tue, 16 Feb 2021 19:34:42 +0100
Subject: [PATCH] Remove setuid support

This support was rarely ever used and has been disabled by default for some time.

As far as the developer team is aware there's no distribution that activated this
feature in their packages by default.
---
 .github/workflows/ci.yml | 14 +++++++-------
 CRT.c                    | 31 -------------------------------
 CRT.h                    | 11 -----------
 README                   |  3 ---
 configure.ac             | 11 -----------
 5 files changed, 7 insertions(+), 63 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index e468efa1..2c80da90 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -63,11 +63,11 @@ jobs:
     - name: Bootstrap
       run: ./autogen.sh
     - name: Configure
-      run: ./configure --enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --enable-hwloc --enable-setuid --enable-delayacct --enable-sensors --enable-capabilities
+      run: ./configure --enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --enable-hwloc --enable-delayacct --enable-sensors --enable-capabilities
     - name: Build
       run: make -k
     - name: Distcheck
-      run: make distcheck DISTCHECK_CONFIGURE_FLAGS='--enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --enable-hwloc --enable-setuid --enable-delayacct --enable-sensors --enable-capabilities'
+      run: make distcheck DISTCHECK_CONFIGURE_FLAGS='--enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --enable-hwloc --enable-delayacct --enable-sensors --enable-capabilities'
 
   build-ubuntu-latest-full-featured-clang:
     runs-on: ubuntu-latest
@@ -85,11 +85,11 @@ jobs:
     - name: Bootstrap
       run: ./autogen.sh
     - name: Configure
-      run: ./configure --enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --enable-hwloc --enable-setuid --enable-delayacct --enable-sensors --enable-capabilities
+      run: ./configure --enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --enable-hwloc --enable-delayacct --enable-sensors --enable-capabilities
     - name: Build
       run: make -k
     - name: Distcheck
-      run: make distcheck DISTCHECK_CONFIGURE_FLAGS='--enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --enable-hwloc --enable-setuid --enable-delayacct --enable-sensors --enable-capabilities'
+      run: make distcheck DISTCHECK_CONFIGURE_FLAGS='--enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --enable-hwloc --enable-delayacct --enable-sensors --enable-capabilities'
 
   build-ubuntu-latest-gcc-static:
     runs-on: ubuntu-latest
@@ -104,11 +104,11 @@ jobs:
     - name: Bootstrap
       run: ./autogen.sh
     - name: Configure
-      run: ./configure --enable-static --enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --disable-hwloc --enable-setuid --disable-delayacct --enable-sensors --enable-capabilities
+      run: ./configure --enable-static --enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --disable-hwloc --disable-delayacct --enable-sensors --enable-capabilities
     - name: Build
       run: make -k
     - name: Distcheck
-      run: make distcheck DISTCHECK_CONFIGURE_FLAGS='--enable-static --enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --disable-hwloc --enable-setuid --disable-delayacct --enable-sensors --enable-capabilities'
+      run: make distcheck DISTCHECK_CONFIGURE_FLAGS='--enable-static --enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --disable-hwloc --disable-delayacct --enable-sensors --enable-capabilities'
 
   build-ubuntu-latest-clang-analyzer:
     runs-on: ubuntu-latest
@@ -126,7 +126,7 @@ jobs:
     - name: Bootstrap
       run: ./autogen.sh
     - name: Configure
-      run: scan-build-11 -analyze-headers --status-bugs ./configure --enable-debug --enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --enable-hwloc --enable-setuid --enable-delayacct --enable-sensors --enable-capabilities
+      run: scan-build-11 -analyze-headers --status-bugs ./configure --enable-debug --enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --enable-hwloc --enable-delayacct --enable-sensors --enable-capabilities
     - name: Build
       run: scan-build-11 -analyze-headers --status-bugs make -j"$(nproc)"
 
diff --git a/CRT.c b/CRT.c
index 7e651c3b..aa115abe 100644
--- a/CRT.c
+++ b/CRT.c
@@ -658,37 +658,6 @@ static void CRT_handleSIGTERM(int sgn) {
    _exit(0);
 }
 
-#ifdef HAVE_SETUID_ENABLED
-
-static int CRT_euid = -1;
-
-static int CRT_egid = -1;
-
-void CRT_dropPrivileges() {
-   CRT_egid = getegid();
-   CRT_euid = geteuid();
-   if (setegid(getgid()) == -1) {
-      CRT_fatalError("Fatal error: failed dropping group privileges");
-   }
-   if (seteuid(getuid()) == -1) {
-      CRT_fatalError("Fatal error: failed dropping user privileges");
-   }
-}
-
-void CRT_restorePrivileges() {
-   if (CRT_egid == -1 || CRT_euid == -1) {
-      CRT_fatalError("Fatal error: internal inconsistency");
-   }
-   if (setegid(CRT_egid) == -1) {
-      CRT_fatalError("Fatal error: failed restoring group privileges");
-   }
-   if (seteuid(CRT_euid) == -1) {
-      CRT_fatalError("Fatal error: failed restoring user privileges");
-   }
-}
-
-#endif /* HAVE_SETUID_ENABLED */
-
 #ifndef NDEBUG
 
 static int stderrRedirectNewFd = -1;
diff --git a/CRT.h b/CRT.h
index e77ec3dc..ddd00169 100644
--- a/CRT.h
+++ b/CRT.h
@@ -160,20 +160,9 @@ extern int CRT_scrollWheelVAmount;
 
 extern ColorScheme CRT_colorScheme;
 
-#ifdef HAVE_SETUID_ENABLED
-
-void CRT_dropPrivileges(void);
-
-void CRT_restorePrivileges(void);
-
-#else /* HAVE_SETUID_ENABLED */
-
-/* Turn setuid operations into NOPs */
 static inline void CRT_dropPrivileges(void) { }
 static inline void CRT_restorePrivileges(void) { }
 
-#endif /* HAVE_SETUID_ENABLED */
-
 void CRT_init(const Settings* settings, bool allowUnicode);
 
 void CRT_done(void);
diff --git a/README b/README
index 09ec9347..a9cb1dfb 100644
--- a/README
+++ b/README
@@ -58,9 +58,6 @@ By default `make install` will install into `/usr/local`, for changing the path
     enable hwloc support for CPU affinity; disables Linux affinity
     dependency: *libhwloc*
     default: *no*
-  * `--enable-setuid`:
-    enable setuid support for privilege dropping
-    default: *no*
   * `--enable-static`:
     build a static htop binary; hwloc and delay accounting are not supported
     default: *no*
diff --git a/configure.ac b/configure.ac
index b2e3fefb..ee7e8ee5 100644
--- a/configure.ac
+++ b/configure.ac
@@ -316,16 +316,6 @@ case "$enable_hwloc" in
       ;;
 esac
 
-
-AC_ARG_ENABLE([setuid],
-              [AS_HELP_STRING([--enable-setuid],
-                              [enable setuid support for privilege dropping @<:@default=no@:>@])],
-              [],
-              [enable_setuid=no])
-if test "x$enable_setuid" = xyes; then
-   AC_DEFINE([HAVE_SETUID_ENABLED], [1], [Define if setuid support should be enabled.])
-fi
-
 # ----------------------------------------------------------------------
 
 
@@ -628,7 +618,6 @@ AC_MSG_RESULT([
   (Linux) capabilities:      $enable_capabilities
   unicode:                   $enable_unicode
   hwloc:                     $enable_hwloc
-  setuid:                    $enable_setuid
   debug:                     $enable_debug
   static:                    $enable_static
 ])