support/checkgid.c - httpd - Git at Google

 /* ====================================================================
  * The Apache Software License, Version 1.1
  *
  * Copyright (c) 2001 The Apache Software Foundation.  All rights
  * reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  *
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  *
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in
  *    the documentation and/or other materials provided with the
  *    distribution.
  *
  * 3. The end-user documentation included with the redistribution,
  *    if any, must include the following acknowledgment:
  *       "This product includes software developed by the
  *        Apache Software Foundation (http://www.apache.org/)."
  *    Alternately, this acknowledgment may appear in the software itself,
  *    if and wherever such third-party acknowledgments normally appear.
  *
  * 4. The names "Apache" and "Apache Software Foundation" must
  *    not be used to endorse or promote products derived from this
  *    software without prior written permission. For written
  *    permission, please contact apache@apache.org.
  *
  * 5. Products derived from this software may not be called "Apache",
  *    nor may "Apache" appear in their name, without prior written
  *    permission of the Apache Software Foundation.
  *
  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
  * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
  * DISCLAIMED.  IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
  * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
  * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
  * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
  * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  * ====================================================================
  *
  * This software consists of voluntary contributions made by many
  * individuals on behalf of the Apache Software Foundation.  For more
  * information on the Apache Software Foundation, please see
  * <http://www.apache.org/>.
  */

 /*
  * Given one or more group identifers on the command line (e.g.,
  * "httpd" or "#-1"), figure out whether they'll be valid for
  * the server to use at run-time.
  *
  * If a groupname isn't found, or we can't setgid() to it, return
  * -1.  If all groups are valid, return 0.
  *
  * This may need to be run as the superuser for the setgid() to
  * succeed; running it as any other user may result in a false
  * negative.
  */

 #include "ap_config.h"
 #if APR_HAVE_STDIO_H
 #include <stdio.h>
 #endif
 #if APR_HAVE_SYS_TYPES_H
 #include <sys/types.h>
 #endif
 #if HAVE_GRP_H
 #include <grp.h>
 #endif
 #if APR_HAVE_UNISTD_H
 #include <unistd.h>
 #endif

 int main(int argc, char *argv[])
 {
     int i;
     int result;
     gid_t gid;
     struct group *grent;
     struct group fake_grent;

     /*
      * Assume success. :-)
      */
     result = 0;
     for (i = 1; i < argc; ++i) {
         char *arg;
         arg = argv[i];

         /*
          * If it's from a 'Group #-1' statement, get the numeric value
          * and skip the group lookup stuff.
          */
         if (*arg == '#') {
             gid = atoi(&arg[1]);
             fake_grent.gr_gid = gid;
             grent = &fake_grent;
         }
         else {
             grent = getgrnam(arg);
         }

         /*
          * A NULL return means no such group was found, so we're done
          * with this one.
          */
         if (grent == NULL) {
             fprintf(stderr, "%s: group '%s' not found\n", argv[0], arg);
             result = -1;
         }
         else {
             int check;

             /*
              * See if we can switch to the numeric GID we have. If so,
              * all well and good; if not, well..
              */
             gid = grent->gr_gid;
             check = setgid(gid);
             if (check != 0) {
                 fprintf(stderr, "%s: invalid group '%s'\n", argv[0], arg);
                 perror(argv[0]);
                 result = -1;
             }
         }
     }
     /*
      * Worst-case return value.
      */
     return result;
 }
 /*
  * Local Variables:
  * mode: C
  * c-file-style: "bsd"
  * End:
  */
	/* ====================================================================
	* The Apache Software License, Version 1.1
	*
	* Copyright (c) 2001 The Apache Software Foundation. All rights
	* reserved.
	*
	* Redistribution and use in source and binary forms, with or without
	* modification, are permitted provided that the following conditions
	* are met:
	*
	* 1. Redistributions of source code must retain the above copyright
	* notice, this list of conditions and the following disclaimer.
	*
	* 2. Redistributions in binary form must reproduce the above copyright
	* notice, this list of conditions and the following disclaimer in
	* the documentation and/or other materials provided with the
	* distribution.
	*
	* 3. The end-user documentation included with the redistribution,
	* if any, must include the following acknowledgment:
	* "This product includes software developed by the
	* Apache Software Foundation (http://www.apache.org/)."
	* Alternately, this acknowledgment may appear in the software itself,
	* if and wherever such third-party acknowledgments normally appear.
	*
	* 4. The names "Apache" and "Apache Software Foundation" must
	* not be used to endorse or promote products derived from this
	* software without prior written permission. For written
	* permission, please contact apache@apache.org.
	*
	* 5. Products derived from this software may not be called "Apache",
	* nor may "Apache" appear in their name, without prior written
	* permission of the Apache Software Foundation.
	*
	* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
	* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
	* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
	* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
	* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
	* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
	* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
	* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
	* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	* SUCH DAMAGE.
	* ====================================================================
	*
	* This software consists of voluntary contributions made by many
	* individuals on behalf of the Apache Software Foundation. For more
	* information on the Apache Software Foundation, please see
	* <http://www.apache.org/>.
	*/

	/*
	* Given one or more group identifers on the command line (e.g.,
	* "httpd" or "#-1"), figure out whether they'll be valid for
	* the server to use at run-time.
	*
	* If a groupname isn't found, or we can't setgid() to it, return
	* -1. If all groups are valid, return 0.
	*
	* This may need to be run as the superuser for the setgid() to
	* succeed; running it as any other user may result in a false
	* negative.
	*/

	#include "ap_config.h"
	#if APR_HAVE_STDIO_H
	#include <stdio.h>
	#endif
	#if APR_HAVE_SYS_TYPES_H
	#include <sys/types.h>
	#endif
	#if HAVE_GRP_H
	#include <grp.h>
	#endif
	#if APR_HAVE_UNISTD_H
	#include <unistd.h>
	#endif

	int main(int argc, char *argv[])
	{
	int i;
	int result;
	gid_t gid;
	struct group *grent;
	struct group fake_grent;

	/*
	* Assume success. :-)
	*/
	result = 0;
	for (i = 1; i < argc; ++i) {
	char *arg;
	arg = argv[i];

	/*
	* If it's from a 'Group #-1' statement, get the numeric value
	* and skip the group lookup stuff.
	*/
	if (*arg == '#') {
	gid = atoi(&arg[1]);
	fake_grent.gr_gid = gid;
	grent = &fake_grent;
	}
	else {
	grent = getgrnam(arg);
	}

	/*
	* A NULL return means no such group was found, so we're done
	* with this one.
	*/
	if (grent == NULL) {
	fprintf(stderr, "%s: group '%s' not found\n", argv[0], arg);
	result = -1;
	}
	else {
	int check;

	/*
	* See if we can switch to the numeric GID we have. If so,
	* all well and good; if not, well..
	*/
	gid = grent->gr_gid;
	check = setgid(gid);
	if (check != 0) {
	fprintf(stderr, "%s: invalid group '%s'\n", argv[0], arg);
	perror(argv[0]);
	result = -1;
	}
	}
	}
	/*
	* Worst-case return value.
	*/
	return result;
	}
	/*
	* Local Variables:
	* mode: C
	* c-file-style: "bsd"
	* End:
	*/