projects / freeradius.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1cc82ef) | patch
Change where we do suid up/down.
authorAlan T. DeKok <aland@freeradius.org>
Sun, 14 Dec 2008 09:31:17 +0000 (10:31 +0100)
committerAlan T. DeKok <aland@freeradius.org>
Sun, 14 Dec 2008 09:31:17 +0000 (10:31 +0100)
commit5ee8707a30f718fdb4560a91a74dcf850bfdf198
tree2b378d58dc344e02ada92698567252094a7b1f61tree | snapshot
parent1cc82efa727ecfdf23a41bd2345f1539e195a03dcommit | diff
Change where we do suid up/down.

If the server starts as root, but it supposed to run as another
user, we want to *temporarily* drop permissions very early.  Then,
when binding to privileged sockets, we re-gain permissions.
Once all of the sockets are open, we drop them permanently.

However, if we suid up for *all* sockets, then the control socket
will be created as root, rather than as the unprivileged user.
To fix that, we put suid up/down just around the 2 calls that
need it.
src/include/radiusd.h diff | blob | history
src/main/event.c diff | blob | history
src/main/listen.c diff | blob | history
src/main/mainconfig.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.