Fix CVE-2017-11747: Create PID file before dropping privileges.
Resolves #106 Signed-off-by: Michael Adam <obnox@samba.org>
This commit is contained in:
Michael Adam
parent
af1d7ab510
commit
9acb0cb16c
18
src/main.c
18
src/main.c
@ -441,6 +441,15 @@ main (int argc, char **argv)
|
|||||||
exit (EX_OSERR);
|
exit (EX_OSERR);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Create pid file before we drop privileges */
|
||||||
|
if (config.pidpath) {
|
||||||
|
if (pidfile_create (config.pidpath) < 0) {
|
||||||
|
fprintf (stderr, "%s: Could not create PID file.\n",
|
||||||
|
argv[0]);
|
||||||
|
exit (EX_OSERR);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/* Switch to a different user if we're running as root */
|
/* Switch to a different user if we're running as root */
|
||||||
if (geteuid () == 0)
|
if (geteuid () == 0)
|
||||||
change_user (argv[0]);
|
change_user (argv[0]);
|
||||||
@ -453,15 +462,6 @@ main (int argc, char **argv)
|
|||||||
exit (EX_SOFTWARE);
|
exit (EX_SOFTWARE);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Create pid file after we drop privileges */
|
|
||||||
if (config.pidpath) {
|
|
||||||
if (pidfile_create (config.pidpath) < 0) {
|
|
||||||
fprintf (stderr, "%s: Could not create PID file.\n",
|
|
||||||
argv[0]);
|
|
||||||
exit (EX_OSERR);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if (child_pool_create () < 0) {
|
if (child_pool_create () < 0) {
|
||||||
fprintf (stderr,
|
fprintf (stderr,
|
||||||
"%s: Could not create the pool of children.\n",
|
"%s: Could not create the pool of children.\n",
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user