aboutsummaryrefslogtreecommitdiffstats
path: root/FICS
diff options
context:
space:
mode:
Diffstat (limited to 'FICS')
-rw-r--r--FICS/fics_addplayer.c11
-rw-r--r--FICS/ficsmain.c7
2 files changed, 16 insertions, 2 deletions
diff --git a/FICS/fics_addplayer.c b/FICS/fics_addplayer.c
index 18d42c4..c37ca63 100644
--- a/FICS/fics_addplayer.c
+++ b/FICS/fics_addplayer.c
@@ -42,6 +42,7 @@
#include "fics_getsalt.h"
#include "ficsmain.h"
#include "playerdb.h"
+#include "prep_dir_for_privdrop.h"
#include "settings.h"
#include "utils.h"
@@ -136,6 +137,16 @@ main(int argc, char *argv[])
settings_init();
settings_read_conf(FICS_SETTINGS);
+ if (strncmp(FICS_PREFIX, "/home", 5) == 0) {
+ if (is_super_user())
+ errx(1, "Do not run as root");
+ } else {
+ if (!is_super_user())
+ errx(1, "Need root privileges");
+ else if (drop_root_privileges(FICS_PREFIX) == -1)
+ errx(1, "Privdrop failed");
+ }
+
player_init(0);
p = player_new();
diff --git a/FICS/ficsmain.c b/FICS/ficsmain.c
index bf5aafb..36055b8 100644
--- a/FICS/ficsmain.c
+++ b/FICS/ficsmain.c
@@ -298,9 +298,12 @@ main(int argc, char *argv[])
settings_init();
settings_read_conf(FICS_SETTINGS);
- if (is_super_user()) {
- if (strncmp(FICS_PREFIX, "/home", 5) == 0)
+ if (strncmp(FICS_PREFIX, "/home", 5) == 0) {
+ if (is_super_user())
errx(1, "Do not run as root");
+ } else {
+ if (!is_super_user())
+ errx(1, "Need root privileges");
else if (read_the_group_permissions_file("/etc/group") != 0)
errx(1, "Failed to read the group permissions file");
else if (fics_addgroup(settings_get("sysgroup")) != 0)
generated by cgit v1.2.3 (git 2.25.1) at 2025-11-04 09:24:51 +0000