Use prctl to reenable core dumps when we have setuid to a non-root user.
svn:r18449
This commit is contained in:
parent
f95ab83792
commit
f99098cca4
|
@ -1,4 +1,7 @@
|
|||
Changes in version 0.2.1.13-????? - 2009-0?-??
|
||||
o Minor features:
|
||||
- On Linux, use the prctl call to re-enable core dumps when the user
|
||||
is option is set.
|
||||
|
||||
|
||||
Changes in version 0.2.1.12-alpha - 2009-02-08
|
||||
|
|
|
@ -196,7 +196,7 @@ dnl -------------------------------------------------------------------
|
|||
dnl Check for functions before libevent, since libevent-1.2 apparently
|
||||
dnl exports strlcpy without defining it in a header.
|
||||
|
||||
AC_CHECK_FUNCS(gettimeofday ftime socketpair uname inet_aton strptime getrlimit strlcat strlcpy strtoull getaddrinfo localtime_r gmtime_r memmem strtok_r writev readv flock)
|
||||
AC_CHECK_FUNCS(gettimeofday ftime socketpair uname inet_aton strptime getrlimit strlcat strlcpy strtoull getaddrinfo localtime_r gmtime_r memmem strtok_r writev readv flock prctl)
|
||||
|
||||
using_custom_malloc=no
|
||||
if test x$enable_openbsd_malloc = xyes ; then
|
||||
|
@ -328,7 +328,7 @@ AC_CHECK_HEADERS(netdb.h sys/ioctl.h sys/socket.h arpa/inet.h netinet/in.h pwd.h
|
|||
|
||||
dnl These headers are not essential
|
||||
|
||||
AC_CHECK_HEADERS(stdint.h sys/types.h inttypes.h sys/param.h sys/wait.h limits.h sys/limits.h netinet/in.h arpa/inet.h machine/limits.h syslog.h sys/time.h sys/resource.h inttypes.h utime.h sys/utime.h sys/mman.h netinet/in6.h malloc.h sys/syslimits.h malloc/malloc.h linux/types.h sys/file.h malloc_np.h)
|
||||
AC_CHECK_HEADERS(stdint.h sys/types.h inttypes.h sys/param.h sys/wait.h limits.h sys/limits.h netinet/in.h arpa/inet.h machine/limits.h syslog.h sys/time.h sys/resource.h inttypes.h utime.h sys/utime.h sys/mman.h netinet/in6.h malloc.h sys/syslimits.h malloc/malloc.h linux/types.h sys/file.h malloc_np.h sys/prctl.h)
|
||||
|
||||
TOR_CHECK_PROTOTYPE(malloc_good_size, HAVE_MALLOC_GOOD_SIZE_PROTOTYPE,
|
||||
[#ifdef HAVE_MALLOC_H
|
||||
|
|
|
@ -83,6 +83,10 @@
|
|||
#ifdef HAVE_SYS_FILE_H
|
||||
#include <sys/file.h>
|
||||
#endif
|
||||
#if defined(HAVE_SYS_PRCTL_H) && defined(__linux__)
|
||||
/* Only use the linux prctl; the IRIX prctl is totally different */
|
||||
#include <sys/prctl.h>
|
||||
#endif
|
||||
|
||||
#include "log.h"
|
||||
#include "util.h"
|
||||
|
@ -1223,6 +1227,18 @@ switch_id(const char *user)
|
|||
}
|
||||
|
||||
have_already_switched_id = 1; /* mark success so we never try again */
|
||||
|
||||
#if defined(__linux__) && defined(HAVE_SYS_PRCTL_H) && defined(HAVE_PRCTL)
|
||||
#ifdef PR_SET_DUMPABLE
|
||||
if (pw->pw_uid) {
|
||||
/* Re-enable core dumps if we're not running as root. */
|
||||
log_info(LD_CONFIG, "Re-enabling coredumps");
|
||||
if (prctl(PR_SET_DUMPABLE, 1)) {
|
||||
log_warn(LD_CONFIG, "Unable to re-enable coredumps: %s",strerror(errno));
|
||||
}
|
||||
}
|
||||
#endif
|
||||
#endif
|
||||
return 0;
|
||||
|
||||
#else
|
||||
|
|
Loading…
Reference in New Issue