diff options
author | Patrick Steinhardt | 2017-07-06 15:21:43 +0200 |
---|---|---|
committer | Denys Vlasenko | 2017-07-06 22:27:22 +0200 |
commit | 10c53b85c992afca47e7a70f05379a5038bdaeb9 (patch) | |
tree | 4c223f16f0e178451e863ada1595b32333759282 | |
parent | 111cdcf295b4cab78521480f52b295d9ae719263 (diff) | |
download | busybox-10c53b85c992afca47e7a70f05379a5038bdaeb9.zip busybox-10c53b85c992afca47e7a70f05379a5038bdaeb9.tar.gz |
setpriv: dump no-new-privs info
Introduce the ability to dump the state of the no-new-privs flag, which
states whethere it is allowed to grant new privileges.
function old new delta
setpriv_main 419 467 +48
.rodata 145926 145969 +43
Signed-off-by: Patrick Steinhardt <ps@pks.im>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
-rw-r--r-- | util-linux/setpriv.c | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/util-linux/setpriv.c b/util-linux/setpriv.c index f21ce66..8d3f258 100644 --- a/util-linux/setpriv.c +++ b/util-linux/setpriv.c @@ -62,6 +62,10 @@ #define PR_SET_NO_NEW_PRIVS 38 #endif +#ifndef PR_GET_NO_NEW_PRIVS +#define PR_GET_NO_NEW_PRIVS 39 +#endif + enum { IF_FEATURE_SETPRIV_DUMP(OPTBIT_DUMP,) OPTBIT_NNP, @@ -76,13 +80,17 @@ static int dump(void) uid_t ruid, euid, suid; gid_t rgid, egid, sgid; gid_t *gids; - int ngids; + int ngids, nnp; getresuid(&ruid, &euid, &suid); /* never fails in Linux */ getresgid(&rgid, &egid, &sgid); /* never fails in Linux */ ngids = 0; gids = bb_getgroups(&ngids, NULL); /* never fails in Linux */ + nnp = prctl(PR_GET_NO_NEW_PRIVS, 0, 0, 0, 0); + if (nnp < 0) + bb_simple_perror_msg_and_die("prctl: GET_NO_NEW_PRIVS"); + printf("uid: %u\n", (unsigned)ruid); printf("euid: %u\n", (unsigned)euid); printf("gid: %u\n", (unsigned)rgid); @@ -99,7 +107,7 @@ static int dump(void) fmt = ",%u"; } } - bb_putchar('\n'); + printf("\nno_new_privs: %d\n", nnp); if (ENABLE_FEATURE_CLEAN_UP) free(gids); |