drygdryg/zapret
1
0
Fork 0
mirror of https://github.com/bol-van/zapret.git synced 2025-08-10 01:02:03 +03:00
Code Issues Packages Projects Releases Wiki Activity

nfqws,tpws: support multiple gids in --uid

Browse Source
This commit is contained in:
bol-van
2025-05-10 11:11:56 +03:00
parent 6d52b49b98
commit 4f0fdb24f2
9 changed files with 194 additions and 79 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
nfq/sec.c
View File

@@ -295,8 +295,13 @@ bool can_drop_root(void)
#endif
}
bool droproot(uid_t uid, gid_t gid)
bool droproot(uid_t uid, gid_t *gid, int gid_count)
{
if (gid_count<1)
{
DLOG_ERR("droproot: no groups specified");
return false;
}
#ifdef __linux__
if (prctl(PR_SET_KEEPCAPS, 1L))
{
@@ -305,12 +310,12 @@ bool droproot(uid_t uid, gid_t gid)
}
#endif
// drop all SGIDs
if (setgroups(0,NULL))
if (setgroups(gid_count,gid))
{
DLOG_PERROR("setgroups");
return false;
}
if (setgid(gid))
if (setgid(gid[0]))
{
DLOG_PERROR("setgid");
return false;