mirror of https://github.com/xzeldon/htop.git
Remove setuid support
This support was rarely ever used and has been disabled by default for some time. As far as the developer team is aware there's no distribution that activated this feature in their packages by default.
This commit is contained in:
parent
b1befa3287
commit
a73064dda9
|
@ -63,11 +63,11 @@ jobs:
|
||||||
- name: Bootstrap
|
- name: Bootstrap
|
||||||
run: ./autogen.sh
|
run: ./autogen.sh
|
||||||
- name: Configure
|
- name: Configure
|
||||||
run: ./configure --enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --enable-hwloc --enable-setuid --enable-delayacct --enable-sensors --enable-capabilities
|
run: ./configure --enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --enable-hwloc --enable-delayacct --enable-sensors --enable-capabilities
|
||||||
- name: Build
|
- name: Build
|
||||||
run: make -k
|
run: make -k
|
||||||
- name: Distcheck
|
- name: Distcheck
|
||||||
run: make distcheck DISTCHECK_CONFIGURE_FLAGS='--enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --enable-hwloc --enable-setuid --enable-delayacct --enable-sensors --enable-capabilities'
|
run: make distcheck DISTCHECK_CONFIGURE_FLAGS='--enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --enable-hwloc --enable-delayacct --enable-sensors --enable-capabilities'
|
||||||
|
|
||||||
build-ubuntu-latest-full-featured-clang:
|
build-ubuntu-latest-full-featured-clang:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
@ -85,11 +85,11 @@ jobs:
|
||||||
- name: Bootstrap
|
- name: Bootstrap
|
||||||
run: ./autogen.sh
|
run: ./autogen.sh
|
||||||
- name: Configure
|
- name: Configure
|
||||||
run: ./configure --enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --enable-hwloc --enable-setuid --enable-delayacct --enable-sensors --enable-capabilities
|
run: ./configure --enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --enable-hwloc --enable-delayacct --enable-sensors --enable-capabilities
|
||||||
- name: Build
|
- name: Build
|
||||||
run: make -k
|
run: make -k
|
||||||
- name: Distcheck
|
- name: Distcheck
|
||||||
run: make distcheck DISTCHECK_CONFIGURE_FLAGS='--enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --enable-hwloc --enable-setuid --enable-delayacct --enable-sensors --enable-capabilities'
|
run: make distcheck DISTCHECK_CONFIGURE_FLAGS='--enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --enable-hwloc --enable-delayacct --enable-sensors --enable-capabilities'
|
||||||
|
|
||||||
build-ubuntu-latest-gcc-static:
|
build-ubuntu-latest-gcc-static:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
@ -104,11 +104,11 @@ jobs:
|
||||||
- name: Bootstrap
|
- name: Bootstrap
|
||||||
run: ./autogen.sh
|
run: ./autogen.sh
|
||||||
- name: Configure
|
- name: Configure
|
||||||
run: ./configure --enable-static --enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --disable-hwloc --enable-setuid --disable-delayacct --enable-sensors --enable-capabilities
|
run: ./configure --enable-static --enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --disable-hwloc --disable-delayacct --enable-sensors --enable-capabilities
|
||||||
- name: Build
|
- name: Build
|
||||||
run: make -k
|
run: make -k
|
||||||
- name: Distcheck
|
- name: Distcheck
|
||||||
run: make distcheck DISTCHECK_CONFIGURE_FLAGS='--enable-static --enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --disable-hwloc --enable-setuid --disable-delayacct --enable-sensors --enable-capabilities'
|
run: make distcheck DISTCHECK_CONFIGURE_FLAGS='--enable-static --enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --disable-hwloc --disable-delayacct --enable-sensors --enable-capabilities'
|
||||||
|
|
||||||
build-ubuntu-latest-clang-analyzer:
|
build-ubuntu-latest-clang-analyzer:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
@ -126,7 +126,7 @@ jobs:
|
||||||
- name: Bootstrap
|
- name: Bootstrap
|
||||||
run: ./autogen.sh
|
run: ./autogen.sh
|
||||||
- name: Configure
|
- name: Configure
|
||||||
run: scan-build-11 -analyze-headers --status-bugs ./configure --enable-debug --enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --enable-hwloc --enable-setuid --enable-delayacct --enable-sensors --enable-capabilities
|
run: scan-build-11 -analyze-headers --status-bugs ./configure --enable-debug --enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --enable-hwloc --enable-delayacct --enable-sensors --enable-capabilities
|
||||||
- name: Build
|
- name: Build
|
||||||
run: scan-build-11 -analyze-headers --status-bugs make -j"$(nproc)"
|
run: scan-build-11 -analyze-headers --status-bugs make -j"$(nproc)"
|
||||||
|
|
||||||
|
|
31
CRT.c
31
CRT.c
|
@ -658,37 +658,6 @@ static void CRT_handleSIGTERM(int sgn) {
|
||||||
_exit(0);
|
_exit(0);
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef HAVE_SETUID_ENABLED
|
|
||||||
|
|
||||||
static int CRT_euid = -1;
|
|
||||||
|
|
||||||
static int CRT_egid = -1;
|
|
||||||
|
|
||||||
void CRT_dropPrivileges() {
|
|
||||||
CRT_egid = getegid();
|
|
||||||
CRT_euid = geteuid();
|
|
||||||
if (setegid(getgid()) == -1) {
|
|
||||||
CRT_fatalError("Fatal error: failed dropping group privileges");
|
|
||||||
}
|
|
||||||
if (seteuid(getuid()) == -1) {
|
|
||||||
CRT_fatalError("Fatal error: failed dropping user privileges");
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
void CRT_restorePrivileges() {
|
|
||||||
if (CRT_egid == -1 || CRT_euid == -1) {
|
|
||||||
CRT_fatalError("Fatal error: internal inconsistency");
|
|
||||||
}
|
|
||||||
if (setegid(CRT_egid) == -1) {
|
|
||||||
CRT_fatalError("Fatal error: failed restoring group privileges");
|
|
||||||
}
|
|
||||||
if (seteuid(CRT_euid) == -1) {
|
|
||||||
CRT_fatalError("Fatal error: failed restoring user privileges");
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
#endif /* HAVE_SETUID_ENABLED */
|
|
||||||
|
|
||||||
#ifndef NDEBUG
|
#ifndef NDEBUG
|
||||||
|
|
||||||
static int stderrRedirectNewFd = -1;
|
static int stderrRedirectNewFd = -1;
|
||||||
|
|
11
CRT.h
11
CRT.h
|
@ -160,20 +160,9 @@ extern int CRT_scrollWheelVAmount;
|
||||||
|
|
||||||
extern ColorScheme CRT_colorScheme;
|
extern ColorScheme CRT_colorScheme;
|
||||||
|
|
||||||
#ifdef HAVE_SETUID_ENABLED
|
|
||||||
|
|
||||||
void CRT_dropPrivileges(void);
|
|
||||||
|
|
||||||
void CRT_restorePrivileges(void);
|
|
||||||
|
|
||||||
#else /* HAVE_SETUID_ENABLED */
|
|
||||||
|
|
||||||
/* Turn setuid operations into NOPs */
|
|
||||||
static inline void CRT_dropPrivileges(void) { }
|
static inline void CRT_dropPrivileges(void) { }
|
||||||
static inline void CRT_restorePrivileges(void) { }
|
static inline void CRT_restorePrivileges(void) { }
|
||||||
|
|
||||||
#endif /* HAVE_SETUID_ENABLED */
|
|
||||||
|
|
||||||
void CRT_init(const Settings* settings, bool allowUnicode);
|
void CRT_init(const Settings* settings, bool allowUnicode);
|
||||||
|
|
||||||
void CRT_done(void);
|
void CRT_done(void);
|
||||||
|
|
3
README
3
README
|
@ -58,9 +58,6 @@ By default `make install` will install into `/usr/local`, for changing the path
|
||||||
enable hwloc support for CPU affinity; disables Linux affinity
|
enable hwloc support for CPU affinity; disables Linux affinity
|
||||||
dependency: *libhwloc*
|
dependency: *libhwloc*
|
||||||
default: *no*
|
default: *no*
|
||||||
* `--enable-setuid`:
|
|
||||||
enable setuid support for privilege dropping
|
|
||||||
default: *no*
|
|
||||||
* `--enable-static`:
|
* `--enable-static`:
|
||||||
build a static htop binary; hwloc and delay accounting are not supported
|
build a static htop binary; hwloc and delay accounting are not supported
|
||||||
default: *no*
|
default: *no*
|
||||||
|
|
11
configure.ac
11
configure.ac
|
@ -316,16 +316,6 @@ case "$enable_hwloc" in
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
|
|
||||||
|
|
||||||
AC_ARG_ENABLE([setuid],
|
|
||||||
[AS_HELP_STRING([--enable-setuid],
|
|
||||||
[enable setuid support for privilege dropping @<:@default=no@:>@])],
|
|
||||||
[],
|
|
||||||
[enable_setuid=no])
|
|
||||||
if test "x$enable_setuid" = xyes; then
|
|
||||||
AC_DEFINE([HAVE_SETUID_ENABLED], [1], [Define if setuid support should be enabled.])
|
|
||||||
fi
|
|
||||||
|
|
||||||
# ----------------------------------------------------------------------
|
# ----------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
|
@ -628,7 +618,6 @@ AC_MSG_RESULT([
|
||||||
(Linux) capabilities: $enable_capabilities
|
(Linux) capabilities: $enable_capabilities
|
||||||
unicode: $enable_unicode
|
unicode: $enable_unicode
|
||||||
hwloc: $enable_hwloc
|
hwloc: $enable_hwloc
|
||||||
setuid: $enable_setuid
|
|
||||||
debug: $enable_debug
|
debug: $enable_debug
|
||||||
static: $enable_static
|
static: $enable_static
|
||||||
])
|
])
|
||||||
|
|
Loading…
Reference in New Issue