• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    公众号

C++ drop_privs函数代码示例

原作者: [db:作者] 来自: [db:来源] 收藏 邀请

本文整理汇总了C++中drop_privs函数的典型用法代码示例。如果您正苦于以下问题:C++ drop_privs函数的具体用法?C++ drop_privs怎么用?C++ drop_privs使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。



在下文中一共展示了drop_privs函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的C++代码示例。

示例1: spawn_command

/**
 * Spawn external command using system() with dropped privileges.
 * TODO: avoid system() and use exec*() instead
 */
static int spawn_command(const char *cmd, uid_t uid){
	int child;
	int status = -1;

	if (verbose > 1)
		printf("spawn_command: %s\n", cmd);

	child = fork();
	if (child == -1) {
		perror(_("Unable to fork"));
		return status;
	}

	if (child == 0) {
		if (drop_privs(uid) != 0) exit(-1);

		status = system(cmd);
		status_to_retval(status, status);
		exit(status);
	}

	waitpid(child, &status, 0);
	status_to_retval(status, status);
	return status;
}
开发者ID:HotIceCream,项目名称:selinuxuserspace,代码行数:29,代码来源:seunshare.c


示例2: rend_private_init

/*
 * rend_private_init
 *
 * Initialize howl and start runloop
 */
int rend_private_init(char *user) {
    sw_result result;
    
    DPRINTF(E_DBG,L_REND,"Starting rendezvous services\n");
    signal(SIGHUP,  SIG_IGN);           // SIGHUP might happen from a request to reload the daap server

    if(sw_discovery_init(&rend_handle) != SW_OKAY) {
	DPRINTF(E_WARN,L_REND,"Error initializing howl\n");
	errno=EINVAL;
	return -1;
    }

    if(drop_privs(user)) 
	return -1;

    DPRINTF(E_DBG,L_REND,"Starting polling thread\n");
    
    if(pthread_create(&rend_tid,NULL,rend_pipe_monitor,NULL)) {
	DPRINTF(E_FATAL,L_REND,"Could not start thread.  Terminating\n");
	/* should kill parent, too */
	exit(EXIT_FAILURE);
    }

    DPRINTF(E_DBG,L_REND,"Entering runloop\n");

    sw_discovery_run(rend_handle);

    DPRINTF(E_DBG,L_REND,"Exiting runloop\n");

    return 0;
}
开发者ID:StephenMacras,项目名称:dsl-n55u-bender,代码行数:36,代码来源:rend-howl.c


示例3: main

int main(int argc, char* argv[]) {
    int rc;

    /* drop privileges */
    if (drop_privs() < 0) return EXIT_FAILURE;

    /* parse arguments */
    parse_args(argc, argv);

    /* initialize secure storage directory */
    rc = storage_init(ss_data_root);
    if (rc < 0) return EXIT_FAILURE;

    /* open rpmb device */
    rc = rpmb_open(rpmb_devname, dev_type);
    if (rc < 0) return EXIT_FAILURE;

    /* connect to Trusty secure storage server */
    rc = ipc_connect(trusty_devname, ss_srv_name);
    if (rc < 0) return EXIT_FAILURE;

    /* enter main loop */
    rc = proxy_loop();
    ALOGE("exiting proxy loop with status (%d)\n", rc);

    ipc_disconnect();
    rpmb_close();

    return (rc < 0) ? EXIT_FAILURE : EXIT_SUCCESS;
}
开发者ID:android,项目名称:platform_system_core,代码行数:30,代码来源:proxy.c


示例4: do_mount

static int do_mount(const char *dev, const char *mnt, const char *type,
                    mode_t rootmode, int fd, int fuseflags)
{
    int res;
    struct fuse_mount_data data;
    int flags = MS_NOSUID | MS_NODEV;

    if(getuid() != 0) {
        res = drop_privs();
        if(res == -1)
            return -1;

        flags |= MS_PERMISSION;
    }

    data.version = FUSE_KERNEL_VERSION;
    data.fd = fd;
    data.rootmode = rootmode;
    data.uid = getuid();
    data.flags = fuseflags;

    res = mount(dev, mnt, type, flags, &data);
    if(res == -1)
        fprintf(stderr, "%s: mount failed: %s\n", progname, strerror(errno));

    if(getuid() != 0)
        restore_privs();

    return res;
}
开发者ID:StyXman,项目名称:Trieste,代码行数:30,代码来源:fusermount.c


示例5: try_open

static int try_open(const char *dev, char **devp)
{
    int fd;
     
    if (restore_privs())
	return -1;
    fd = open(dev, O_RDWR);
    if (drop_privs())
	return -1;
    if (fd != -1) {
        *devp = strdup(dev);
        if (*devp == NULL) {
            fprintf(stderr, "%s: failed to allocate memory\n", progname);
            close(fd);
            fd = -1;
        }
    } else if (errno == ENODEV ||
               errno == ENOENT) /* check for ENOENT too, for the udev case */
        return -2;
    else {
        fprintf(stderr, "%s: failed to open %s: %s\n", progname, dev,
                strerror(errno));
    }
    return fd;
}
开发者ID:AllardJ,项目名称:Tomato,代码行数:25,代码来源:fusermount.c


示例6: main

int main(void)
{
    _buttonusr_isr = (void *)&buttonisr_usr;
    _timerusr_isr = (void *)&timerisr_usr;
    _mmhusr_isr = (void *)&mmhisr;

    /* Drop privileges */
    drop_privs();

    /* Init board */
    kk_board_init();

    /* Program the model into OTP, if we're not in screen-test mode, and it's
     * not already there
     */
    (void)flash_programModel();

    /* Init for safeguard against stack overflow (-fstack-protector-all) */
    __stack_chk_guard = (uintptr_t)random32();

    /* Bootloader Verification */
    check_bootloader();

    led_func(SET_RED_LED);
    dbg_print("Application Version %d.%d.%d\n\r", MAJOR_VERSION, MINOR_VERSION,
              PATCH_VERSION);

    /* Init storage */
    storage_init();

    /* Init protcol buffer message map and usb msg callback */
    fsm_init();

    led_func(SET_GREEN_LED);

    usbInit();
    u2fInit();
    led_func(CLR_RED_LED);

    reset_idle_time();

    if (is_mfg_mode())
        layout_screen_test();
    else if (!storage_isInitialized())
        layout_standard_notification("Welcome", "keepkey.com/get-started",
                                     NOTIFICATION_LOGO);
    else
        layoutHomeForced();

    while (1) {
        delay_ms_with_callback(ONE_SEC, &exec, 1);
        increment_idle_time(ONE_SEC);
        toggle_screensaver();
    }

    return 0;
}
开发者ID:keepkey,项目名称:keepkey-firmware,代码行数:57,代码来源:keepkey_main.c


示例7: main

int main(int argc, char **argv)
{
	int ret;

	ASSERT0(putenv("TZ=UTC"));

	cmn_err(CE_INFO, "blahgd version %s", version_string);

	/* drop unneeded privs */
	ret = drop_privs();
	if (ret)
		goto err;

	jeffpc_init(&init_ops);
	init_math(true);
	init_pipe_subsys();
	init_req_subsys();
	init_post_subsys();
	init_file_cache();

	ret = config_load((argc >= 2) ? argv[1] : NULL);
	if (ret)
		goto err;

	ret = load_all_posts();
	if (ret)
		goto err;

	handle_signals();

	ret = start_helpers();
	if (ret)
		goto err_helpers;

	ret = start_listening();
	if (ret)
		goto err_helpers;

	accept_conns();

	stop_listening();

	stop_helpers();

	free_all_posts();
	uncache_all_files();

	return 0;

err_helpers:
	stop_helpers();

err:
	DBG("Failed to inintialize: %s", xstrerror(ret));

	return ret;
}
开发者ID:jeffpc,项目名称:blahgd,代码行数:57,代码来源:daemon.c


示例8: tree

void tree(void) {
	drop_privs(1);
	
	char *arg[4];
	arg[0] = "bash";
	arg[1] = "-c";
	arg[2] = "firemon --tree";
	arg[3] = NULL;
	execvp("/bin/bash", arg); 
}
开发者ID:SeriousBug,项目名称:firejail,代码行数:10,代码来源:list.c


示例9: netstats

void netstats(void) {
	drop_privs(1);
	
	char *arg[4];
	arg[0] = "bash";
	arg[1] = "-c";
	arg[2] = "firemon --netstats";
	arg[3] = NULL;
	execvp("/bin/bash", arg); 
}
开发者ID:SeriousBug,项目名称:firejail,代码行数:10,代码来源:list.c


示例10: tree

void tree(void) {
	EUID_ASSERT();
	drop_privs(1);
	char *cmd = get_firemon_path("--tree");
	
	char *arg[4];
	arg[0] = "bash";
	arg[1] = "-c";
	arg[2] = cmd;
	arg[3] = NULL;
	execvp("/bin/bash", arg); 
}
开发者ID:Acidburn0zzz,项目名称:firejail,代码行数:12,代码来源:list.c


示例11: seccomp_print_filter

void seccomp_print_filter(pid_t pid) {
	// if the pid is that of a firejail  process, use the pid of the first child process
	char *comm = pid_proc_comm(pid);
	if (comm) {
		// remove \n
		char *ptr = strchr(comm, '\n');
		if (ptr)
			*ptr = '\0';
		if (strcmp(comm, "firejail") == 0) {
			pid_t child;
			if (find_child(pid, &child) == 0) {
				pid = child;
			}
		}
		free(comm);
	}

	// check privileges for non-root users
	uid_t uid = getuid();
	if (uid != 0) {
		struct stat s;
		char *dir;
		if (asprintf(&dir, "/proc/%u/ns", pid) == -1)
			errExit("asprintf");
		if (stat(dir, &s) < 0)
			errExit("stat");
		if (s.st_uid != uid) {
			printf("Error: permission denied.\n");
			exit(1);
		}
	}


	// find the seccomp filter
	char *fname;
	if (asprintf(&fname, "/proc/%d/root/tmp/firejail/mnt/seccomp", pid) == -1)
		errExit("asprintf");

	struct stat s;
	if (stat(fname, &s) == -1) {
		printf("Cannot access seccomp filter.\n");
		exit(1);
	}

	// read and print the filter
	read_seccomp_file(fname);
	drop_privs(1);
	filter_debug();

	exit(0);
}
开发者ID:COLABORATI,项目名称:firejail,代码行数:51,代码来源:seccomp.c


示例12: set_privileges

static void set_privileges(void) {
	struct stat s;
	if (stat("/proc/sys/kernel/grsecurity", &s) == 0) {
		EUID_ROOT();

		// elevate privileges
		if (setreuid(0, 0))
			errExit("setreuid");
		if (setregid(0, 0))
			errExit("setregid");
	}
	else
		drop_privs(1);
}
开发者ID:Acidburn0zzz,项目名称:firejail,代码行数:14,代码来源:list.c


示例13: seccomp_print_filter

void seccomp_print_filter(pid_t pid) {
	EUID_ASSERT();
	
	// if the pid is that of a firejail  process, use the pid of the first child process
	char *comm = pid_proc_comm(pid);
	if (comm) {
		// remove \n
		char *ptr = strchr(comm, '\n');
		if (ptr)
			*ptr = '\0';
		if (strcmp(comm, "firejail") == 0) {
			pid_t child;
			if (find_child(pid, &child) == 0) {
				pid = child;
			}
		}
		free(comm);
	}

	// check privileges for non-root users
	uid_t uid = getuid();
	if (uid != 0) {
		uid_t sandbox_uid = pid_get_uid(pid);
		if (uid != sandbox_uid) {
			fprintf(stderr, "Error: permission denied.\n");
			exit(1);
		}
	}


	// find the seccomp filter
	EUID_ROOT();
	char *fname;
	if (asprintf(&fname, "/proc/%d/root%s", pid, RUN_SECCOMP_CFG) == -1)
		errExit("asprintf");

	struct stat s;
	if (stat(fname, &s) == -1) {
		printf("Cannot access seccomp filter.\n");
		exit(1);
	}

	// read and print the filter
	read_seccomp_file(fname);
	drop_privs(1);
	filter_debug();
	free(fname);

	exit(0);
}
开发者ID:andrew160,项目名称:firejail,代码行数:50,代码来源:seccomp.c


示例14: main

int main (int argc, char *argv[])
{
   int     pid,index,usable;
   char    *pgname;

   pgname = argv[0];

   if (argc < 2)
   {
      printf("%s: nothing to do\n",pgname);
      exit(0);
   }

   /* printf("Real UID\tReal GID\tEff UID\tEff GID\n"); */

   init_privs();

   set_privs();

   while (argc > 1)
   {
      usable = 1;

      for (index=0; index < strlen(argv[1]); index++)
      {
	 if (!isdigit(argv[1][index]))
         {
            usable = 0;
            break;
         }
      }

      if (usable)
      {
         pid = atoi(argv[1]);
         /* printf("pid is %d\n",pid); */
         kill(pid,SIGUSR1);
      }
      else
         printf("%s: invalid argument %s\n",pgname,argv[1]);

      argc--;
      argv++;
   }

   drop_privs();

   exit(0);
}
开发者ID:kulhos,项目名称:pip,代码行数:49,代码来源:mintrpt.c


示例15: main

int main(int argc, char* argv[]) {
    
    int sockfd = init_socket();
    logf("Server listening on port %d\n", PORT);
  
    if (signal(SIGCHLD, SIG_IGN) == SIG_ERR) {
        perror("Error setting SIGCHILD handler.");
        return EXIT_FAILURE;
    }

    load_module();

    while (1) {
        socklen_t client_len = sizeof(client);
        int client_fd = accept(sockfd, (struct sockaddr*) &client, &client_len);
        if (client_fd < 0) {
            perror("Error creating socket for incoming connection");
            exit(EXIT_FAILURE);
        }
        logf("New connection from %s on port %d\n", inet_ntoa(client.sin_addr), htons(client.sin_port));

        int pid = fork();
        if (pid < 0) {
            perror("Unable to fork");
            exit(EXIT_FAILURE);
        }

        if (pid == 0) { // client
            alarm(300);
            close(sockfd);

            dup2(client_fd, 0);
            dup2(client_fd, 1);
            setvbuf(stdout, NULL, _IONBF, 0);

            drop_privs();

            interact();

            close(client_fd);
            logf("%s:%d disconnected\n", inet_ntoa(client.sin_addr), htons(client.sin_port));
            exit(EXIT_SUCCESS);
        } else {        // server
            logf("%s:%d forked new process with pid %d\n", inet_ntoa(client.sin_addr), htons(client.sin_port), pid);
            close(client_fd);
        }

    }
}
开发者ID:felixwangchao,项目名称:BlackHoodie-2018-Workshop,代码行数:49,代码来源:server.c


示例16: drop_privs

void drop_privs(const char *username) {
	if (username == nullptr) {
		throw ReferenceError();
	}

	struct passwd *pw = ::getpwnam(username);
	if (pw == nullptr) {
		char buf[256];

		std::snprintf(buf, sizeof(buf),
			"failed to drop privileges: no such user '%s'", username);

		panic(buf);
	}
	drop_privs(pw->pw_uid, pw->pw_gid);
}
开发者ID:dblommesteijn,项目名称:oolib,代码行数:16,代码来源:daemon.cpp


示例17: tcpcryptd

void tcpcryptd(void)
{
	_state.s_divert = divert_open(_conf.cf_port, packet_handler);

	open_unix();

	drop_privs();

	printf("Running\n");

	if (!_conf.cf_disable && !_conf.cf_disable_network_test)
		test_network();

	while (1)
		do_cycle();
}
开发者ID:Inzulus,项目名称:tcpcrypt,代码行数:16,代码来源:tcpcryptd.c


示例18: seccomp_print_filter

void seccomp_print_filter(pid_t pid) {
	// if the pid is that of a firejail  process, use the pid of the first child process
	char *comm = pid_proc_comm(pid);
	if (comm) {
		// remove \n
		char *ptr = strchr(comm, '\n');
		if (ptr)
			*ptr = '\0';
		if (strcmp(comm, "firejail") == 0) {
			pid_t child;
			if (find_child(pid, &child) == 0) {
				pid = child;
			}
		}
		free(comm);
	}

	// check privileges for non-root users
	uid_t uid = getuid();
	if (uid != 0) {
		uid_t sandbox_uid = pid_get_uid(pid);
		if (uid != sandbox_uid) {
			exechelp_logerrv("firejail", FIREJAIL_ERROR, "Error: permission denied to print seccomp filters (sandbox belongs to a different user).\n");
			exit(1);
		}
	}

	// find the seccomp filter
	char *fname;
	if (asprintf(&fname, "/proc/%d/root/tmp/firejail/mnt/seccomp", pid) == -1)
		errExit("asprintf");

	struct stat s;
	if (stat(fname, &s) == -1) {
		exechelp_logerrv("firejail", FIREJAIL_ERROR, "Error: Cannot access seccomp filter.\n");
		exit(1);
	}

	// read and print the filter
	read_seccomp_file(fname);
	drop_privs(1);
	filter_debug();

	exit(0);
}
开发者ID:Sidnioulz,项目名称:firejail,代码行数:45,代码来源:seccomp.c


示例19: drop_privs_user

/*
 * Drop privileges to the specified user account
 */
int drop_privs_user(const char *user_name) {
   struct passwd *pw = getpwnam(user_name);
   if (pw == NULL) {
#ifdef DEBUG      
      err(-1, ERROR_NO_USER, user_name);
#else
      exit(-1);
#endif
   }
   if (drop_privs(pw) == -1) {
#ifdef DEBUG      
      err(-1, ERROR_NO_PRIVS);
#else
      exit(-1);
#endif
   }
   return 0;
}
开发者ID:FlankerZ,项目名称:collabREate,代码行数:21,代码来源:server.cpp


示例20: try_open_fuse_device

static int try_open_fuse_device(char **devp)
{
	int fd;
	int err;

	drop_privs();
	fd = try_open(FUSE_DEV_NEW, devp, 0);
	restore_privs();
	if (fd >= 0)
		return fd;

	err = fd;
	fd = try_open(FUSE_DEV_OLD, devp, 1);
	if (fd >= 0)
		return fd;

	return err;
}
开发者ID:lkzhd,项目名称:glusterfs-annotation,代码行数:18,代码来源:fusermount.c



注:本文中的drop_privs函数示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。


鲜花

握手

雷人

路过

鸡蛋
该文章已有0人参与评论

请发表评论

全部评论

专题导读
上一篇:
C++ dropbear_exit函数代码示例发布时间:2022-05-30
下一篇:
C++ drop_privileges函数代码示例发布时间:2022-05-30
热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap