From 053bd8d5d6eeb68c73cb94f60254a8a91562a84b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bj=C3=B6rn=20Ketelaars?= <bjorn.ketelaars@hydroxide.nl>
Date: Fri, 4 Sep 2015 16:16:31 +0200
Subject: [PATCH] drop privileges when running as root

---
 fiche.c | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/fiche.c b/fiche.c
index b9e7114..7a55c43 100644
--- a/fiche.c
+++ b/fiche.c
@@ -36,6 +36,17 @@ int main(int argc, char **argv)
     time_seed = time(0);
 
     parse_parameters(argc, argv);
+
+    if (getuid() == 0)
+    {
+        if (UID == -1)
+            error("ERROR: user not set");
+        if (setgid(GID) != 0)
+            error("ERROR: Unable to drop group privileges");
+        if (setuid(UID) != 0)
+            error("ERROR: Unable to drop user privileges");
+    }
+
     if (BASEDIR == NULL)
         set_basedir();