summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJulian Andres Klode <jak@debian.org>2014-09-24 21:49:19 +0200
committerJulian Andres Klode <jak@debian.org>2014-09-24 21:49:19 +0200
commit7b18d5592fd5e0bb173e193d1e6693a66065f971 (patch)
treec7485a668a96e6b644adae4b5f46a78827878d98
parentf1e3c8f002be54617656fc4ca525c3f1e57323f3 (diff)
methods: Fail if we cannot drop privileges
-rw-r--r--apt-pkg/acquire-method.cc12
-rw-r--r--apt-pkg/acquire-method.h2
-rw-r--r--methods/copy.cc4
-rw-r--r--methods/ftp.cc6
-rw-r--r--methods/gpgv.cc4
-rw-r--r--methods/gzip.cc5
-rw-r--r--methods/http_main.cc4
-rw-r--r--methods/https.cc4
8 files changed, 27 insertions, 14 deletions
diff --git a/apt-pkg/acquire-method.cc b/apt-pkg/acquire-method.cc
index e4a937d1d..82f2fb3ce 100644
--- a/apt-pkg/acquire-method.cc
+++ b/apt-pkg/acquire-method.cc
@@ -119,6 +119,18 @@ void pkgAcqMethod::Fail(string Err,bool Transient)
std::cout << "\n" << std::flush;
}
/*}}}*/
+// AcqMethod::DropPrivsOrDie - Drop privileges or die /*{{{*/
+// ---------------------------------------------------------------------
+/* */
+void pkgAcqMethod::DropPrivsOrDie()
+{
+ if (!DropPrivs()) {
+ Fail(false);
+ exit(112); /* call the european emergency number */
+ }
+}
+
+ /*}}}*/
// AcqMethod::URIStart - Indicate a download is starting /*{{{*/
// ---------------------------------------------------------------------
/* */
diff --git a/apt-pkg/acquire-method.h b/apt-pkg/acquire-method.h
index cbf79f860..cdeecc9a7 100644
--- a/apt-pkg/acquire-method.h
+++ b/apt-pkg/acquire-method.h
@@ -105,7 +105,7 @@ class pkgAcqMethod
pkgAcqMethod(const char *Ver,unsigned long Flags = 0);
virtual ~pkgAcqMethod() {};
-
+ void DropPrivsOrDie();
private:
APT_HIDDEN void Dequeue();
};
diff --git a/methods/copy.cc b/methods/copy.cc
index 18d70e153..3883c822b 100644
--- a/methods/copy.cc
+++ b/methods/copy.cc
@@ -118,8 +118,8 @@ int main()
{
setlocale(LC_ALL, "");
- DropPrivs();
-
CopyMethod Mth;
+
+ Mth.DropPrivsOrDie();
return Mth.Run();
}
diff --git a/methods/ftp.cc b/methods/ftp.cc
index 9d58aa3b9..a658b5657 100644
--- a/methods/ftp.cc
+++ b/methods/ftp.cc
@@ -1107,9 +1107,6 @@ int main(int, const char *argv[])
{
setlocale(LC_ALL, "");
- // no more active ftp, sorry
- DropPrivs();
-
/* See if we should be come the http client - we do this for http
proxy urls */
if (getenv("ftp_proxy") != 0)
@@ -1134,6 +1131,9 @@ int main(int, const char *argv[])
}
FtpMethod Mth;
+
+ // no more active ftp, sorry
+ Mth.DropPrivsOrDie();
return Mth.Run();
}
diff --git a/methods/gpgv.cc b/methods/gpgv.cc
index 159417883..4071cbac6 100644
--- a/methods/gpgv.cc
+++ b/methods/gpgv.cc
@@ -262,10 +262,10 @@ bool GPGVMethod::Fetch(FetchItem *Itm)
int main()
{
setlocale(LC_ALL, "");
-
- DropPrivs();
GPGVMethod Mth;
+ Mth.DropPrivsOrDie();
+
return Mth.Run();
}
diff --git a/methods/gzip.cc b/methods/gzip.cc
index 518e58f82..7ffcda60f 100644
--- a/methods/gzip.cc
+++ b/methods/gzip.cc
@@ -135,11 +135,12 @@ int main(int, char *argv[])
{
setlocale(LC_ALL, "");
- DropPrivs();
-
Prog = strrchr(argv[0],'/');
++Prog;
GzipMethod Mth;
+
+ Mth.DropPrivsOrDie();
+
return Mth.Run();
}
diff --git a/methods/http_main.cc b/methods/http_main.cc
index 788582632..d7724701a 100644
--- a/methods/http_main.cc
+++ b/methods/http_main.cc
@@ -12,8 +12,8 @@ int main()
// closes the connection (this is dealt with via ServerDie())
signal(SIGPIPE, SIG_IGN);
- DropPrivs();
-
HttpMethod Mth;
+
+ Mth.DropPrivsOrDie();
return Mth.Loop();
}
diff --git a/methods/https.cc b/methods/https.cc
index a40f37710..a74d2a38b 100644
--- a/methods/https.cc
+++ b/methods/https.cc
@@ -443,11 +443,11 @@ int main()
{
setlocale(LC_ALL, "");
- DropPrivs();
-
HttpsMethod Mth;
curl_global_init(CURL_GLOBAL_SSL) ;
+ Mth.DropPrivsOrDie();
+
return Mth.Run();
}