|
Greenbone Vulnerability Management Libraries 22.26.0
|
Basic support to drop privileges. More...
#include "drop_privileges.h"#include <grp.h>#include <pwd.h>#include <sys/types.h>#include <unistd.h>Macros | |
| #define | G_LOG_DOMAIN "libgvm base" |
| GLib log domain. | |
Functions | |
| static gint | drop_privileges_error (GError **error, gint errorcode, const gchar *message) |
Sets an error and return errorcode. | |
| int | drop_privileges (gchar *username, GError **error) |
| Drop privileges. | |
Basic support to drop privileges.
| #define G_LOG_DOMAIN "libgvm base" |
GLib log domain.
| int drop_privileges | ( | gchar * | username, |
| GError ** | error ) |
Drop privileges.
We try to drop our (root) privileges and setuid to username to minimize the risk of privilege escalation. The current implementation is linux-specific and may not work on other platforms.
| [in] | username | The user to become. Its safe to pass "NULL", in which case it will default to "nobody". |
| [out] | error | Return location for errors or NULL if not interested in errors. |
error otherwise and returns the error code.
|
static |
Sets an error and return errorcode.
| error | Error to set. |
| errorcode | Errorcode (possible values defined in drop_privileges.h), will be returned. |
| message | Message to attach to the error. |
errorcode