bughz/tinyproxy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix CVE-2017-11747: Create PID file before dropping privileges.

Browse Source 
Resolves #106

Signed-off-by: Michael Adam <obnox@samba.org>
This commit is contained in:
Michael Adam 2017-11-16 01:52:55 +01:00
parent af1d7ab510
commit 9acb0cb16c
1 changed files with 9 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
src/main.c
View File

@ -441,6 +441,15 @@ main (int argc, char **argv)
exit (EX_OSERR); exit (EX_OSERR);
} }
/* Create pid file before we drop privileges */
if (config.pidpath) {
if (pidfile_create (config.pidpath) < 0) {
fprintf (stderr, "%s: Could not create PID file.\n",
argv[0]);
exit (EX_OSERR);
}
}
/* Switch to a different user if we're running as root */ /* Switch to a different user if we're running as root */
if (geteuid () == 0) if (geteuid () == 0)
change_user (argv[0]); change_user (argv[0]);
@ -453,15 +462,6 @@ main (int argc, char **argv)
exit (EX_SOFTWARE); exit (EX_SOFTWARE);
} }
/* Create pid file after we drop privileges */
if (config.pidpath) {
if (pidfile_create (config.pidpath) < 0) {
fprintf (stderr, "%s: Could not create PID file.\n",
argv[0]);
exit (EX_OSERR);
}
}
if (child_pool_create () < 0) { if (child_pool_create () < 0) {
fprintf (stderr, fprintf (stderr,
"%s: Could not create the pool of children.\n", "%s: Could not create the pool of children.\n",