OLD | NEW |
1 // Copyright 2014 The Crashpad Authors. All rights reserved. | 1 // Copyright 2014 The Crashpad Authors. All rights reserved. |
2 // | 2 // |
3 // Licensed under the Apache License, Version 2.0 (the "License"); | 3 // Licensed under the Apache License, Version 2.0 (the "License"); |
4 // you may not use this file except in compliance with the License. | 4 // you may not use this file except in compliance with the License. |
5 // You may obtain a copy of the License at | 5 // You may obtain a copy of the License at |
6 // | 6 // |
7 // http://www.apache.org/licenses/LICENSE-2.0 | 7 // http://www.apache.org/licenses/LICENSE-2.0 |
8 // | 8 // |
9 // Unless required by applicable law or agreed to in writing, software | 9 // Unless required by applicable law or agreed to in writing, software |
10 // distributed under the License is distributed on an "AS IS" BASIS, | 10 // distributed under the License is distributed on an "AS IS" BASIS, |
(...skipping 53 matching lines...)
64 // ensure that privileges cannot be regained. This can only be done if the | 64 // ensure that privileges cannot be regained. This can only be done if the |
65 // real user ID (and now the effective user ID as well) is not root, because | 65 // real user ID (and now the effective user ID as well) is not root, because |
66 // root always has permission to change identity. | 66 // root always has permission to change identity. |
67 if (euid != uid) { | 67 if (euid != uid) { |
68 CHECK_EQ(seteuid(euid), -1); | 68 CHECK_EQ(seteuid(euid), -1); |
69 } | 69 } |
70 if (egid != gid) { | 70 if (egid != gid) { |
71 CHECK_EQ(setegid(egid), -1); | 71 CHECK_EQ(setegid(egid), -1); |
72 } | 72 } |
73 } | 73 } |
74 #elif defined(OS_LINUX) | 74 #elif defined(OS_LINUX) || defined(OS_ANDROID) |
75 PCHECK(setresgid(gid, gid, gid) == 0) << "setresgid"; | 75 PCHECK(setresgid(gid, gid, gid) == 0) << "setresgid"; |
76 PCHECK(setresuid(uid, uid, uid) == 0) << "setresuid"; | 76 PCHECK(setresuid(uid, uid, uid) == 0) << "setresuid"; |
77 | 77 |
78 // Don’t check to see if privileges can be regained on Linux, because on | 78 // Don’t check to see if privileges can be regained on Linux, because on |
79 // Linux, it’s not as simple as ensuring that this can’t be done if non-root. | 79 // Linux, it’s not as simple as ensuring that this can’t be done if non-root. |
80 // Instead, the ability to change user and group IDs are controlled by the | 80 // Instead, the ability to change user and group IDs are controlled by the |
81 // CAP_SETUID and CAP_SETGID capabilities, which may be granted to non-root | 81 // CAP_SETUID and CAP_SETGID capabilities, which may be granted to non-root |
82 // processes. Since the setresXid() interface is well-defined, it shouldn’t be | 82 // processes. Since the setresXid() interface is well-defined, it shouldn’t be |
83 // necessary to perform any additional checking anyway. | 83 // necessary to perform any additional checking anyway. |
84 // | 84 // |
85 // TODO(mark): Drop CAP_SETUID and CAP_SETGID if present and non-root? | 85 // TODO(mark): Drop CAP_SETUID and CAP_SETGID if present and non-root? |
86 #else | 86 #else |
87 #error Port this function to your system. | 87 #error Port this function to your system. |
88 #endif | 88 #endif |
89 } | 89 } |
90 | 90 |
91 } // namespace crashpad | 91 } // namespace crashpad |
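Review bot: The comment inside the `#elif defined(OS_LINUX) || defined(OS_ANDROID)` branch still names only Linux, so it does not say that skipping the "can privileges be regained" check is deliberate on Android as well; it could begin `// Don't check to see if privileges can be regained on Linux or Android, because`. The open TODO about CAP_SETUID and CAP_SETGID now covers Android too: a non-root process that keeps those capabilities may be able to change IDs again after `setresuid()` succeeds. Nothing in this branch detects that, unlike the branch above, which CHECKs that `seteuid()` and `setegid()` fail. The function begins in the skipped lines, so whether capabilities are handled earlier is not visible here.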