[Pcsclite-cvs-commit] r5143 - /trunk/PCSC/src/pcscdaemon.c
rousseau at users.alioth.debian.org
rousseau at users.alioth.debian.org
Mon Aug 16 09:45:16 UTC 2010
Author: rousseau
Date: Mon Aug 16 09:45:15 2010
New Revision: 5143
URL: http://svn.debian.org/wsvn/pcsclite/?sc=1&rev=5143
Log:
If the process is setuid or setgid it may have some restrictions
Do not allow to specify a configuration file when restricted
Modified:
trunk/PCSC/src/pcscdaemon.c
Modified: trunk/PCSC/src/pcscdaemon.c
URL: http://svn.debian.org/wsvn/pcsclite/trunk/PCSC/src/pcscdaemon.c?rev=5143&op=diff
==============================================================================
--- trunk/PCSC/src/pcscdaemon.c (original)
+++ trunk/PCSC/src/pcscdaemon.c Mon Aug 16 09:45:15 2010
@@ -148,6 +148,7 @@
int customMaxReaderHandles = 0;
int customMaxThreadCardHandles = 0;
int opt;
+ int limited_rights = FALSE;
#ifdef HAVE_GETOPT_LONG
int option_index = 0;
static struct option long_options[] = {
@@ -195,6 +196,9 @@
*/
DebugLogSetLogType(DEBUGLOG_SYSLOG_DEBUG);
+ /* if the process is setuid or setgid it may have some restrictions */
+ limited_rights = (getuid() != geteuid()) || (getgid() != getegid());
+
/*
* Handle any command line arguments
*/
@@ -212,6 +216,11 @@
break;
#endif
case 'c':
+ if (limited_rights)
+ {
+ Log1(PCSC_LOG_CRITICAL, "Can't use a user specified config file");
+ return EXIT_FAILURE;
+ }
Log2(PCSC_LOG_INFO, "using new config file: %s", optarg);
newReaderConfig = optarg;
break;
More information about the Pcsclite-cvs-commit
mailing list