#include <isc/result.h>
#include <isc/strerror.h>
#include <isc/string.h>
+#include <isc/util.h>
#include <named/globals.h>
#include <named/main.h>
return (-1);
}
+#ifndef HAVE_LINUXTHREADS
static void
setperms(uid_t uid, gid_t gid) {
#if defined(HAVE_SETEGID) || defined(HAVE_SETRESGID)
}
#endif
}
+#endif /* !HAVE_LINUXTHREADS */
FILE *
ns_os_openfile(const char *filename, mode_t mode, bool switch_user) {
free(f);
if (switch_user && runas_pw != NULL) {
-#ifndef HAVE_LINUXTHREADS
+ uid_t olduid = getuid();
gid_t oldgid = getgid();
-#endif
+#ifdef HAVE_LINUXTHREADS
+ REQUIRE(olduid == runas_pw->pw_uid);
+ REQUIRE(oldgid == runas_pw->pw_gid);
+#else
/* Set UID/GID to the one we'll be running with eventually */
setperms(runas_pw->pw_uid, runas_pw->pw_gid);
-
+#endif
fd = safe_open(filename, mode, false);
#ifndef HAVE_LINUXTHREADS
/* Restore UID/GID to root */
- setperms(0, oldgid);
+ setperms(olduid, oldgid);
#endif /* HAVE_LINUXTHREADS */
if (fd == -1) {
projects / thirdparty / bind9.git / commitdiff
