From 9a784fd2a5067fe165d6988b250274ee84e45da7 Mon Sep 17 00:00:00 2001
From: Andreas Hofmeister <andi@collax.com>
Date: Sat, 27 Feb 2010 19:58:46 +0100
Subject: [PATCH] Make lldpctl refuse attempts to change anything when running
 setuid.

When running setuid, lldpctl now refuses to set location data. This should
make it save to run the program setuid root by normal users including a
web-server f.e.
---
 src/lldpctl.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/lldpctl.c b/src/lldpctl.c
index f4ec58ca..12d1bc15 100644
--- a/src/lldpctl.c
+++ b/src/lldpctl.c
@@ -1176,9 +1176,13 @@ main(int argc, char *argv[])
 		default:
 			usage();
 		}
-	}		
-	
+	}
+
 	log_init(debug, __progname);
+
+	if ( ( action != 0 ) && ( getuid() != geteuid() ) ) {
+		fatalx("mere mortals may not do that, 'root' privileges are required.");
+	}
 	
 	if ((s = ctl_connect(LLDPD_CTL_SOCKET)) == -1)
 		fatalx("unable to connect to socket " LLDPD_CTL_SOCKET);
-- 
2.39.5