diff options
| author | pjd <pjd@FreeBSD.org> | 2011-02-03 10:44:40 +0000 |
|---|---|---|
| committer | pjd <pjd@FreeBSD.org> | 2011-02-03 10:44:40 +0000 |
| commit | f5164be44bd5f410c13c78d1d26dd620d0fc0d1f (patch) | |
| tree | 09b49f9ff0e2c8b46bb4f18d3c2eb9bd11d84f3e /sbin/hastctl | |
| parent | c7493a8a8581e0ac1368ee3781fd6d716baba105 (diff) | |
| download | FreeBSD-src-f5164be44bd5f410c13c78d1d26dd620d0fc0d1f.zip FreeBSD-src-f5164be44bd5f410c13c78d1d26dd620d0fc0d1f.tar.gz | |
Drop privileges after connecting to hastd, but before sending or receiving
anything.
MFC after: 1 week
Diffstat (limited to 'sbin/hastctl')
| -rw-r--r-- | sbin/hastctl/hastctl.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/sbin/hastctl/hastctl.c b/sbin/hastctl/hastctl.c index beb2fa1..b3cd106 100644 --- a/sbin/hastctl/hastctl.c +++ b/sbin/hastctl/hastctl.c @@ -491,6 +491,11 @@ main(int argc, char *argv[]) pjdlog_exit(EX_OSERR, "Unable to connect to hastd via %s", cfg->hc_controladdr); } + + if (drop_privs() != 0) + exit(EX_CONFIG); + pjdlog_debug(1, "Privileges successfully dropped."); + /* Send the command to the server... */ if (hast_proto_send(NULL, controlconn, nv, NULL, 0) < 0) { pjdlog_exit(EX_UNAVAILABLE, |
