From: Andreas Hofmeister <andi@collax.com>
Date: Sat, 27 Feb 2010 18:58:46 +0000 (+0100)
Subject: Make lldpctl refuse attempts to change anything when running setuid.
X-Git-Tag: 0.5.0~19
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=9a784fd2a5067fe165d6988b250274ee84e45da7;p=thirdparty%2Flldpd.git

Make lldpctl refuse attempts to change anything when running setuid.

When running setuid, lldpctl now refuses to set location data. This should
make it save to run the program setuid root by normal users including a
web-server f.e.
---

diff --git a/src/lldpctl.c b/src/lldpctl.c
index f4ec58ca..12d1bc15 100644
--- a/src/lldpctl.c
+++ b/src/lldpctl.c
@@ -1176,9 +1176,13 @@ main(int argc, char *argv[])
 		default:
 			usage();
 		}
-	}		
-	
+	}
+
 	log_init(debug, __progname);
+
+	if ( ( action != 0 ) && ( getuid() != geteuid() ) ) {
+		fatalx("mere mortals may not do that, 'root' privileges are required.");
+	}
 	
 	if ((s = ctl_connect(LLDPD_CTL_SOCKET)) == -1)
 		fatalx("unable to connect to socket " LLDPD_CTL_SOCKET);