| 1 | /// ----------------------------------------*- mode: C++; -*--
|
|---|
| 2 | /// @file setuid.h
|
|---|
| 3 | /// Change effective user ID in a thread-safe way
|
|---|
| 4 | /// ----------------------------------------------------------
|
|---|
| 5 | /// $Id: setuid.h 2549 2007-04-02 22:17:37Z bless $
|
|---|
| 6 | /// $HeadURL: https://svn.ipv6.tm.uka.de/nsis/protlib/trunk/include/setuid.h $
|
|---|
| 7 | // ===========================================================
|
|---|
| 8 | //
|
|---|
| 9 | // Copyright (C) 2005-2007, all rights reserved by
|
|---|
| 10 | // - Institute of Telematics, Universitaet Karlsruhe (TH)
|
|---|
| 11 | //
|
|---|
| 12 | // More information and contact:
|
|---|
| 13 | // https://projekte.tm.uka.de/trac/NSIS
|
|---|
| 14 | //
|
|---|
| 15 | // This program is free software; you can redistribute it and/or modify
|
|---|
| 16 | // it under the terms of the GNU General Public License as published by
|
|---|
| 17 | // the Free Software Foundation; version 2 of the License
|
|---|
| 18 | //
|
|---|
| 19 | // This program is distributed in the hope that it will be useful,
|
|---|
| 20 | // but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|---|
| 21 | // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|---|
| 22 | // GNU General Public License for more details.
|
|---|
| 23 | //
|
|---|
| 24 | // You should have received a copy of the GNU General Public License along
|
|---|
| 25 | // with this program; if not, write to the Free Software Foundation, Inc.,
|
|---|
| 26 | // 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
|---|
| 27 | //
|
|---|
| 28 | // ===========================================================
|
|---|
| 29 | /** @ingroup protlib
|
|---|
| 30 | *
|
|---|
| 31 | * Thread-safe setuid support for linux.
|
|---|
| 32 | * Change effective user ID in a thread-safe way.
|
|---|
| 33 | *
|
|---|
| 34 | * tsdb::init() must be called before calling setuid::init().
|
|---|
| 35 | */
|
|---|
| 36 |
|
|---|
| 37 | #ifndef THREADSAFE_SETUID_H
|
|---|
| 38 | #define THREADSAFE_SETUID_H
|
|---|
| 39 |
|
|---|
| 40 | #include <sys/types.h>
|
|---|
| 41 | #include <pthread.h>
|
|---|
| 42 | #include <string>
|
|---|
| 43 |
|
|---|
| 44 | #include "protlib_types.h"
|
|---|
| 45 | #include "cleanuphandler.h"
|
|---|
| 46 |
|
|---|
| 47 | namespace protlib {
|
|---|
| 48 |
|
|---|
| 49 | /** @addtogroup protlib
|
|---|
| 50 | * @{
|
|---|
| 51 | */
|
|---|
| 52 |
|
|---|
| 53 | /// Thread-safe setuid
|
|---|
| 54 | /** This class provieds class methods for changing the effective user ID of
|
|---|
| 55 | * the current process.
|
|---|
| 56 | */
|
|---|
| 57 | class setuid {
|
|---|
| 58 | public:
|
|---|
| 59 | /// initialize setuid
|
|---|
| 60 | static void init();
|
|---|
| 61 | /// cleanup setuid resources
|
|---|
| 62 | static void end();
|
|---|
| 63 | /// turn on setuid mode
|
|---|
| 64 | static void on();
|
|---|
| 65 | /// turn off setuid mode
|
|---|
| 66 | static void off();
|
|---|
| 67 | private:
|
|---|
| 68 | /// init state
|
|---|
| 69 | static bool is_init;
|
|---|
| 70 | /// setuid mutex
|
|---|
| 71 | static pthread_mutex_t mutex;
|
|---|
| 72 | /// setuid counter
|
|---|
| 73 | static uint32 count;
|
|---|
| 74 | /// file user ID
|
|---|
| 75 | static uid_t file_userid;
|
|---|
| 76 | /// file user name
|
|---|
| 77 | static string file_username;
|
|---|
| 78 | /// real user ID
|
|---|
| 79 | static uid_t real_userid;
|
|---|
| 80 | /// real user name
|
|---|
| 81 | static string real_username;
|
|---|
| 82 | /// are we using setuid?
|
|---|
| 83 | static bool is_setuid;
|
|---|
| 84 | }; // end class setuid
|
|---|
| 85 |
|
|---|
| 86 | /// Turn on setuid mode and install cleanup handler.
|
|---|
| 87 | #define BEGIN_SETUID_MODE protlib::setuid::on(); install_cleanup(call_void_fun,protlib::setuid::off)
|
|---|
| 88 | #define END_SETUID_MODE uninstall_cleanup(1)
|
|---|
| 89 |
|
|---|
| 90 | //@}
|
|---|
| 91 |
|
|---|
| 92 | } // end namespace protlib
|
|---|
| 93 |
|
|---|
| 94 | #endif
|
|---|
