mirror of https://github.com/xzeldon/htop.git
add some security checks when running SUID root
on Darwin, htop needs to run with root privileges to display information about other users processes. This commit makes running htop SUID root a bit more safe.
This commit is contained in:
parent
670a2de692
commit
d18e9a4895
|
@ -513,12 +513,16 @@ void Process_toggleTag(Process* this) {
|
|||
}
|
||||
|
||||
bool Process_setPriority(Process* this, int priority) {
|
||||
if ( Process_getuid == 0 || Process_getuid == (int) this->st_uid ) {
|
||||
int old_prio = getpriority(PRIO_PROCESS, this->pid);
|
||||
int err = setpriority(PRIO_PROCESS, this->pid, priority);
|
||||
if (err == 0 && old_prio != getpriority(PRIO_PROCESS, this->pid)) {
|
||||
this->nice = priority;
|
||||
}
|
||||
return (err == 0);
|
||||
}
|
||||
else
|
||||
return false;
|
||||
}
|
||||
|
||||
bool Process_changePriorityBy(Process* this, size_t delta) {
|
||||
|
@ -526,6 +530,7 @@ bool Process_changePriorityBy(Process* this, size_t delta) {
|
|||
}
|
||||
|
||||
void Process_sendSignal(Process* this, size_t sgn) {
|
||||
if ( Process_getuid == 0 || Process_getuid == (int) this->st_uid )
|
||||
kill(this->pid, (int) sgn);
|
||||
}
|
||||
|
||||
|
|
|
@ -86,6 +86,7 @@ void TraceScreen_run(TraceScreen* this) {
|
|||
int child = fork();
|
||||
if (child == -1) return;
|
||||
if (child == 0) {
|
||||
seteuid(getuid());
|
||||
dup2(fdpair[1], STDERR_FILENO);
|
||||
int ok = fcntl(fdpair[1], F_SETFL, O_NONBLOCK);
|
||||
if (ok != -1) {
|
||||
|
|
Loading…
Reference in New Issue