-rw-r--r-- | src/config.h | 10 | ||||
-rw-r--r-- | src/mds.c | 24 |
2 files changed, 33 insertions, 1 deletions
diff --git a/src/config.h b/src/config.h
index 551568c..ef49b4d 100644
--- a/src/config.h
+++ b/src/config.h
@@ -50,7 +50,15 @@
 #define ROOT_GROUP_GID 0
 #endif
-/* There two names above are redundant, but hat is to avoid errors. */
+
+/**
+ * The group ID for the nobody group
+ */
+#ifndef NOBODY_GROUP_GID
+#define NOBODY_GROUP_GID ROOT_GROUP_GID
+#endif
+
+/* There three names above are redundant, but hat is to avoid errors. */
 /**
@@ -28,6 +28,7 @@
 #include <string.h>
 #include <stdlib.h>
 #include <signal.h>
+#include <sys/socket.h>
 /**
@@ -50,6 +51,7 @@ static const char** argv;
 */
 int main(int argc_, const char** argv_)
 {
+ struct sockaddr_un address;
 char pathname[PATH_MAX];
 char piddata[64];
 unsigned int display;
@@ -178,11 +180,33 @@ int main(int argc_, const char** argv_)
 "%s=%u", DISPLAY_ENV, display);
 putenv(pathname);
+ /* Create display socket. */
+ snprintf(pathname, sizeof(pathname) / sizeof(char), "%s/%u.socket",
+ MDS_RUNTIME_ROOT_DIRECTORY, display);
+ address.sun_family = AF_UNIX;
+ strcpy(address.sun_path, path);
+ unlink(pathname);
+ fd = socket(AF_UNIX, SOCK_STREAM, 0);
+ if ((fchmod(fd, S_IRWXU) < 0) ||
+ (fchown(fd, getuid(), NOBODY_GROUP_GID) < 0))
+ {
+ perror(*argv);
+ close(fd);
+ return 1;
+ }
+ if (bind(fd, (struct sockaddr*)(&address), sizeof(address)) < 0)
+ {
+ perror(*argv);
+ close(fd);
+ return 1;
+ }
+
 /* Drop privileges. They most not be propagated non-authorised components. */
 /* setgid should not be set, but just to be safe we are restoring both user and group. */
 if ((seteuid(getuid()) < 0) || (setegid(getgid()) < 0))
 {
 perror(*argv);
+ close(fd);
 return 1;
 } |
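Review bot: The doc comment on `NOBODY_GROUP_GID` does not say that the default is `ROOT_GROUP_GID`, so a build that leaves it undefined hands the root group's ID to the `fchown` call added in src/mds.c rather than an unprivileged group. I would state the fallback in the comment, e.g. `* The group ID for the nobody group; falls back to ROOT_GROUP_GID unless the build defines it`. The comment line touched just below could be corrected in the same edit: `/* The three names above are redundant, but that is to avoid errors. */`.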
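Review bot: `struct sockaddr_un` is declared by `<sys/un.h>`, and `fchmod` with `S_IRWXU` by `<sys/stat.h>`, but the include hunk at line 28 of src/mds.c adds only `<sys/socket.h>`. The rest of the include list is outside the hunk, so those headers may already be present; if they are not, add `#include <sys/un.h>` and `#include <sys/stat.h>` next to the new line so the new code does not rely on implicit declarations.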
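Review bot: `strcpy(address.sun_path, path);` in the socket-creation block of src/mds.c copies from `path` rather than the `pathname` buffer formatted just above it, and the copy is unbounded: `pathname` is `PATH_MAX` bytes while `sun_path` is far smaller, so a long runtime directory would overflow `address` on the stack before privileges are dropped. The result of `socket()` is also handed to `fchmod`/`fchown` without a `fd < 0` check. Separately, `fchmod`/`fchown` on the descriptor before `bind` do not portably decide the mode and owner of the socket file that `bind` creates, so consider setting `umask` before `bind` or adjusting the path afterwards. `main` begins and ends outside this hunk, so `path` and `fd` may be declared where I cannot see them.

```c
  snprintf(pathname, sizeof(pathname), "%s/%u.socket",
           MDS_RUNTIME_ROOT_DIRECTORY, display);
  /* sun_path is much shorter than PATH_MAX; refuse rather than overflow. */
  if (strlen(pathname) >= sizeof(address.sun_path))
    {
      fprintf(stderr, "%s: socket path too long\n", *argv);
      return 1;
    }
  memset(&address, 0, sizeof(address));
  address.sun_family = AF_UNIX;
  strcpy(address.sun_path, pathname);
  unlink(pathname);
  fd = socket(AF_UNIX, SOCK_STREAM, 0);
  if (fd < 0)
    {
      perror(*argv);
      return 1;
    }
  /* … unchanged: fchmod/fchown check, bind, privilege drop … */
```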