From ab3a7c2fa826932c9c297885b0ea33f1d880cc01 Mon Sep 17 00:00:00 2001 From: Michael Klein Date: Mon, 7 Dec 2015 20:10:09 +0100 Subject: [PATCH] drop privileges before changing process priority or sending signals - replaces uid check from d18e9a4895599a479df264a6c7380b8805abb434 --- Process.c | 23 ++++++++++++----------- Process.h | 2 ++ 2 files changed, 14 insertions(+), 11 deletions(-) diff --git a/Process.c b/Process.c index a1c2079c..8046daf1 100644 --- a/Process.c +++ b/Process.c @@ -513,16 +513,15 @@ void Process_toggleTag(Process* this) { } bool Process_setPriority(Process* this, int priority) { - if ( Process_getuid == 0 || Process_getuid == (int) this->st_uid ) { - int old_prio = getpriority(PRIO_PROCESS, this->pid); - int err = setpriority(PRIO_PROCESS, this->pid, priority); - if (err == 0 && old_prio != getpriority(PRIO_PROCESS, this->pid)) { - this->nice = priority; - } - return (err == 0); + uid_t euid = geteuid(); + seteuid(getuid()); + int old_prio = getpriority(PRIO_PROCESS, this->pid); + int err = setpriority(PRIO_PROCESS, this->pid, priority); + seteuid(euid); + if (err == 0 && old_prio != getpriority(PRIO_PROCESS, this->pid)) { + this->nice = priority; } - else - return false; + return (err == 0); } bool Process_changePriorityBy(Process* this, size_t delta) { @@ -530,8 +529,10 @@ bool Process_changePriorityBy(Process* this, size_t delta) { } void Process_sendSignal(Process* this, size_t sgn) { - if ( Process_getuid == 0 || Process_getuid == (int) this->st_uid ) - kill(this->pid, (int) sgn); + uid_t euid = geteuid(); + seteuid(getuid()); + kill(this->pid, (int) sgn); + seteuid(euid); } long Process_pidCompare(const void* v1, const void* v2) { diff --git a/Process.h b/Process.h index 841b1291..d856c035 100644 --- a/Process.h +++ b/Process.h @@ -158,6 +158,8 @@ typedef struct ProcessClass_ { #define ONE_DECIMAL_M (ONE_DECIMAL_K * ONE_DECIMAL_K) #define ONE_DECIMAL_G (ONE_DECIMAL_M * ONE_DECIMAL_K) +extern char Process_pidFormat[20]; + void Process_setupColumnWidths(); void Process_humanNumber(RichString* str, unsigned long number, bool coloring);