From 93048e5a6f33cc8e2fc547bf65c41551696e23c6 Mon Sep 17 00:00:00 2001 From: Carl Hetherington Date: Wed, 26 May 2021 09:43:36 +0200 Subject: [PATCH] Remove privilege escalation via seteuid() etc. on Linux. --- src/lib/cross.h | 8 -------- src/lib/cross_linux.cc | 36 ------------------------------------ src/lib/ext.cc | 4 ---- test/disk_writer_test.cc | 1 - 4 files changed, 49 deletions(-) diff --git a/src/lib/cross.h b/src/lib/cross.h index b70d84a0e..25b3b3820 100644 --- a/src/lib/cross.h +++ b/src/lib/cross.h @@ -71,14 +71,6 @@ namespace dcpomatic { std::string get_process_id (); } -class PrivilegeEscalator -{ -public: - PrivilegeEscalator (); - ~PrivilegeEscalator (); - - static bool test; -}; /** @class Waker * @brief A class which tries to keep the computer awake on various operating systems. diff --git a/src/lib/cross_linux.cc b/src/lib/cross_linux.cc index 326e590b8..65151791c 100644 --- a/src/lib/cross_linux.cc +++ b/src/lib/cross_linux.cc @@ -371,7 +371,6 @@ bool Drive::unmount () { for (auto i: _mount_points) { - PrivilegeEscalator esc; int const r = umount(i.string().c_str()); LOG_DISK("Tried to unmount %1 and got %2 and %3", i.string(), r, errno); if (r == -1) { @@ -382,41 +381,6 @@ Drive::unmount () } -void -unprivileged () -{ - uid_t ruid, euid, suid; - if (getresuid(&ruid, &euid, &suid) == -1) { - cerr << "getresuid() failed.\n"; - } - if (seteuid(ruid) == -1) { - cerr << "seteuid() failed.\n"; - } -} - - -bool PrivilegeEscalator::test = false; - - -PrivilegeEscalator::~PrivilegeEscalator () -{ - if (!test) { - unprivileged (); - } -} - - -PrivilegeEscalator::PrivilegeEscalator () -{ - if (!test) { - int const r = seteuid(0); - if (r < 0) { - throw PrivilegeError (String::compose("seteuid() call failed with %1", errno)); - } - } -} - - boost::filesystem::path config_path () { diff --git a/src/lib/ext.cc b/src/lib/ext.cc index 86821bfa1..feba68c1f 100644 --- a/src/lib/ext.cc +++ b/src/lib/ext.cc @@ -304,10 +304,6 @@ try parts.division[2] = 0; parts.division[3] = 0; -#ifdef DCPOMATIC_LINUX - PrivilegeEscalator e; -#endif - /* XXX: not sure if disk_id matters */ int r = ext4_mbr_write (bd, &parts, 0); if (r) { diff --git a/test/disk_writer_test.cc b/test/disk_writer_test.cc index 1146c2e1b..217032d75 100644 --- a/test/disk_writer_test.cc +++ b/test/disk_writer_test.cc @@ -98,7 +98,6 @@ BOOST_AUTO_TEST_CASE (disk_writer_test1) /* Some arbitrary file size here */ make_random_file (dcp / "foo", 1024 * 1024 * 32 - 6128); - PrivilegeEscalator::test = true; dcpomatic::write (dcp, disk.string(), partition.string(), 0); BOOST_CHECK_EQUAL (system("/sbin/e2fsck -fn build/test/disk_writer_test1.partition"), 0); -- 2.30.2