Greenbone Vulnerability Management Libraries  11.0.0
drop_privileges.h File Reference

Privilege dropping header file. More...

#include <glib.h>
Include dependency graph for drop_privileges.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Macros

#define GVM_DROP_PRIVILEGES   g_quark_from_static_string ("gvm-drop-privileges-error-quark")
 The GQuark for privilege dropping errors. More...
 
#define GVM_DROP_PRIVILEGES_ERROR_ALREADY_SET   -1
 Definition of the return code ERROR_ALREADY_SET. More...
 
#define GVM_DROP_PRIVILEGES_OK   0
 Definition of the return code OK. More...
 
#define GVM_DROP_PRIVILEGES_FAIL_NOT_ROOT   1
 Definition of the return code FAIL_NOT_ROOT. More...
 
#define GVM_DROP_PRIVILEGES_FAIL_UNKNOWN_USER   2
 Definition of the return code FAIL_UNKNOWN_USER. More...
 
#define GVM_DROP_PRIVILEGES_FAIL_DROP_GID   3
 Definition of the return code FAIL_DROP_GID. More...
 
#define GVM_DROP_PRIVILEGES_FAIL_DROP_UID   4
 Definition of the return code FAIL_DROP_UID. More...
 
#define GVM_DROP_PRIVILEGES_FAIL_SUPPLEMENTARY   5
 Definition of the return code FAIL_SUPPLEMENTARY. More...
 

Functions

int drop_privileges (gchar *username, GError **error)
 Drop privileges. More...
 

Detailed Description

Privilege dropping header file.

Definition in file drop_privileges.h.

Macro Definition Documentation

◆ GVM_DROP_PRIVILEGES

#define GVM_DROP_PRIVILEGES   g_quark_from_static_string ("gvm-drop-privileges-error-quark")

The GQuark for privilege dropping errors.

Definition at line 33 of file drop_privileges.h.

◆ GVM_DROP_PRIVILEGES_ERROR_ALREADY_SET

#define GVM_DROP_PRIVILEGES_ERROR_ALREADY_SET   -1

Definition of the return code ERROR_ALREADY_SET.

Definition at line 39 of file drop_privileges.h.

◆ GVM_DROP_PRIVILEGES_FAIL_DROP_GID

#define GVM_DROP_PRIVILEGES_FAIL_DROP_GID   3

Definition of the return code FAIL_DROP_GID.

Definition at line 59 of file drop_privileges.h.

◆ GVM_DROP_PRIVILEGES_FAIL_DROP_UID

#define GVM_DROP_PRIVILEGES_FAIL_DROP_UID   4

Definition of the return code FAIL_DROP_UID.

Definition at line 64 of file drop_privileges.h.

◆ GVM_DROP_PRIVILEGES_FAIL_NOT_ROOT

#define GVM_DROP_PRIVILEGES_FAIL_NOT_ROOT   1

Definition of the return code FAIL_NOT_ROOT.

Definition at line 49 of file drop_privileges.h.

◆ GVM_DROP_PRIVILEGES_FAIL_SUPPLEMENTARY

#define GVM_DROP_PRIVILEGES_FAIL_SUPPLEMENTARY   5

Definition of the return code FAIL_SUPPLEMENTARY.

Definition at line 69 of file drop_privileges.h.

◆ GVM_DROP_PRIVILEGES_FAIL_UNKNOWN_USER

#define GVM_DROP_PRIVILEGES_FAIL_UNKNOWN_USER   2

Definition of the return code FAIL_UNKNOWN_USER.

Definition at line 54 of file drop_privileges.h.

◆ GVM_DROP_PRIVILEGES_OK

#define GVM_DROP_PRIVILEGES_OK   0

Definition of the return code OK.

Definition at line 44 of file drop_privileges.h.

Function Documentation

◆ drop_privileges()

int drop_privileges ( gchar *  username,
GError **  error 
)

Drop privileges.

We try to drop our (root) privileges and setuid to username to minimize the risk of privilege escalation. The current implementation is linux-specific and may not work on other platforms.

Parameters
[in]usernameThe user to become. Its safe to pass "NULL", in which case it will default to "nobody".
[out]errorReturn location for errors or NULL if not interested in errors.
Returns
GVM_DROP_PRIVILEGES_OK in case of success. Sets error otherwise and returns the error code.

Definition at line 66 of file drop_privileges.c.

67 {
68  g_return_val_if_fail (*error == NULL, GVM_DROP_PRIVILEGES_ERROR_ALREADY_SET);
69 
70  if (username == NULL)
71  username = "nobody";
72 
73  if (geteuid () == 0)
74  {
75  struct passwd *user_pw = NULL;
76 
77  if ((user_pw = getpwnam (username)))
78  {
79  if (initgroups (username, user_pw->pw_gid) != 0)
80  return drop_privileges_error (
82  "Failed to drop supplementary groups privileges!\n");
83  if (setgid (user_pw->pw_gid) != 0)
84  return drop_privileges_error (error,
86  "Failed to drop group privileges!\n");
87  if (setuid (user_pw->pw_uid) != 0)
88  return drop_privileges_error (error,
90  "Failed to drop user privileges!\n");
91  }
92  else
93  {
94  g_set_error (error, GVM_DROP_PRIVILEGES,
96  "Failed to get gid and uid for user %s.", username);
98  }
100  }
101  else
102  {
104  "Only root can drop its privileges.");
105  }
106 }

References drop_privileges_error(), GVM_DROP_PRIVILEGES, GVM_DROP_PRIVILEGES_ERROR_ALREADY_SET, GVM_DROP_PRIVILEGES_FAIL_DROP_GID, GVM_DROP_PRIVILEGES_FAIL_DROP_UID, GVM_DROP_PRIVILEGES_FAIL_NOT_ROOT, GVM_DROP_PRIVILEGES_FAIL_SUPPLEMENTARY, GVM_DROP_PRIVILEGES_FAIL_UNKNOWN_USER, and GVM_DROP_PRIVILEGES_OK.

Here is the call graph for this function:
drop_privileges_error
static gint drop_privileges_error(GError **error, gint errorcode, const gchar *message)
Sets an error and return errorcode.
Definition: drop_privileges.c:43
GVM_DROP_PRIVILEGES_FAIL_DROP_UID
#define GVM_DROP_PRIVILEGES_FAIL_DROP_UID
Definition of the return code FAIL_DROP_UID.
Definition: drop_privileges.h:64
GVM_DROP_PRIVILEGES_ERROR_ALREADY_SET
#define GVM_DROP_PRIVILEGES_ERROR_ALREADY_SET
Definition of the return code ERROR_ALREADY_SET.
Definition: drop_privileges.h:39
GVM_DROP_PRIVILEGES_FAIL_NOT_ROOT
#define GVM_DROP_PRIVILEGES_FAIL_NOT_ROOT
Definition of the return code FAIL_NOT_ROOT.
Definition: drop_privileges.h:49
GVM_DROP_PRIVILEGES_FAIL_SUPPLEMENTARY
#define GVM_DROP_PRIVILEGES_FAIL_SUPPLEMENTARY
Definition of the return code FAIL_SUPPLEMENTARY.
Definition: drop_privileges.h:69
GVM_DROP_PRIVILEGES_FAIL_UNKNOWN_USER
#define GVM_DROP_PRIVILEGES_FAIL_UNKNOWN_USER
Definition of the return code FAIL_UNKNOWN_USER.
Definition: drop_privileges.h:54
GVM_DROP_PRIVILEGES_FAIL_DROP_GID
#define GVM_DROP_PRIVILEGES_FAIL_DROP_GID
Definition of the return code FAIL_DROP_GID.
Definition: drop_privileges.h:59
GVM_DROP_PRIVILEGES
#define GVM_DROP_PRIVILEGES
The GQuark for privilege dropping errors.
Definition: drop_privileges.h:33
GVM_DROP_PRIVILEGES_OK
#define GVM_DROP_PRIVILEGES_OK
Definition of the return code OK.
Definition: drop_privileges.h:44