Privs can only be dropped after reading key files.

author: Laurent Bercot <ska-skaware@skarnet.org> 2020-11-21 02:22:09 +0000
committer: Laurent Bercot <ska-skaware@skarnet.org> 2020-11-21 02:22:09 +0000
commit: 5c2880becc94141b8035b3488b6bd60696011308 (patch)
tree: 51e177122b50e248075dae441e4a76d68fd33081 /src/conn-tools/s6tls_drop.c
parent: 5715c21a077ee1c2fe8957cb4adcea14fd2eda6b (diff)
download: s6-networking-5c2880becc94141b8035b3488b6bd60696011308.tar.xz
1 files changed, 0 insertions, 24 deletions
diff --git a/src/conn-tools/s6tls_drop.c b/src/conn-tools/s6tls_drop.c
deleted file mode 100644
index 6b6f67f..0000000
--- a/src/conn-tools/s6tls_drop.c
+++ /dev/null
@@ -1,24 +0,0 @@
-/* ISC license. */
-
-#include <unistd.h>
-#include <stdlib.h>
-
-#include <skalibs/strerr2.h>
-#include <skalibs/types.h>
-
-#include "s6tls-internal.h"
-
-void s6tls_drop (void)
-{
-  if (!getuid())
-  {
-    uid_t uid ;
-    gid_t gid ;
-    char const *x = getenv("TLS_UID") ;
-    if (x && !uid0_scan(x, &uid)) strerr_dieinvalid(100, "TLS_UID") ;
-    x = getenv("TLS_GID") ;
-    if (x && !gid0_scan(x, &gid)) strerr_dieinvalid(100, "TLS_GID") ;
-    if (gid && setgid(gid) < 0) strerr_diefu1sys(111, "setgid") ;
-    if (uid && setuid(uid) < 0) strerr_diefu1sys(111, "setuid") ;
-  }
-}
author	Laurent Bercot <ska-skaware@skarnet.org>	2020-11-21 02:22:09 +0000
committer	Laurent Bercot <ska-skaware@skarnet.org>	2020-11-21 02:22:09 +0000
commit	5c2880becc94141b8035b3488b6bd60696011308 (patch)
tree	51e177122b50e248075dae441e4a76d68fd33081 /src/conn-tools/s6tls_drop.c
parent	5715c21a077ee1c2fe8957cb4adcea14fd2eda6b (diff)
download	s6-networking-5c2880becc94141b8035b3488b6bd60696011308.tar.xz