Merge pull request #20 from bket/drop_priv

Drop privileges when running as root

README.md

@@ -115,13 +115,15 @@ http://domain.com/abcdef/
 
 #### User name ####
 
-If you use fiche as service (see details below) you may want to save files as other user, to do that use `-u` option,
-there's example:
+Set the user that fiche runs as using the `-u` option, example:
 
 ```
-fiche -u http
+fiche -u _fiche
 ```
 
+This option has effect only if fiche was started by root, otherwise it is ignored and fiche runs under the
+current user id.
+
 -----------------
 
 #### Buffersize ####
@@ -221,7 +223,7 @@ You can run fiche as service, there is simple systemd example:
 Description=FICHE-SERVER
 
 [Service]
-ExecStart=/usr/local/bin/fiche -d code.solusipse.net -o /home/www/code/ -l /home/www/log.txt
+ExecStart=/usr/local/bin/fiche -d code.solusipse.net -o /home/www/code/ -l /home/www/log.txt -u _fiche
 
 [Install]
 WantedBy=multi-user.target

fiche.c

@@ -36,6 +36,17 @@ int main(int argc, char **argv)
     time_seed = time(0);
 
     parse_parameters(argc, argv);
+
+    if (getuid() == 0)
+    {
+        if (UID == -1)
+            error("ERROR: user not set");
+        if (setgid(GID) != 0)
+            error("ERROR: Unable to drop group privileges");
+        if (setuid(UID) != 0)
+            error("ERROR: Unable to drop user privileges");
+    }
+
     if (BASEDIR == NULL)
         set_basedir();
 
@@ -255,12 +266,11 @@ void load_list(char *file_path, int type)
 int create_socket()
 {
     int lsocket = socket(AF_INET, SOCK_STREAM, 0);
+
     if (lsocket < 0)
-    {
         error("ERROR: Couldn't open socket");
-        return 0;
-    }
-    else return lsocket;
+
+    return lsocket;
 }
 
 struct sockaddr_in set_address(struct sockaddr_in server_address)
@@ -317,8 +327,6 @@ int create_directory(char *slug)
     mkdir(BASEDIR, S_IRWXU | S_IRGRP | S_IROTH | S_IXOTH | S_IXGRP);
     int result = mkdir(directory, S_IRWXU | S_IRGRP | S_IROTH | S_IXOTH | S_IXGRP);
 
-    change_owner(directory);
-
     free(directory);
 
     return result;
@@ -335,18 +343,11 @@ void save_to_file(char *slug, char *buffer, struct client_data data)
     fprintf(fp, "%s", buffer);
     fclose(fp);
 
-    change_owner(directory);
     display_info(data, directory, "");
 
     free(directory);
 }
 
-void change_owner(char *directory)
-{
-    if (UID != -1 && GID != -1)
-        chown(directory, UID, GID);
-}
-
 void set_uid_gid(char *username)
 {
     struct passwd *userdata = getpwnam(username);
@@ -388,6 +389,12 @@ void startup_message()
     printf("====================================\n");
 }
 
+void error(char *buffer)
+{
+    printf("%s\n", buffer);
+    exit(1);
+}
+
 void parse_parameters(int argc, char **argv)
 {
     int c;

fiche.h

@@ -80,7 +80,7 @@ int create_directory(char *slug);
 int check_protocol(char *buffer);
 
 void bind_to_port(int listen_socket, struct sockaddr_in serveraddr);
-void error(char *error_code){perror(error_code); exit(1);}
+void error(char *buffer);
 void perform_connection(int listen_socket);
 void generate_url(char *buffer, char *slug, size_t slug_length, struct client_data data);
 void save_to_file(char *buffer, char *slug, struct client_data data);
@@ -90,7 +90,6 @@ void set_basedir();
 void load_list(char *file_path, int type);
 void parse_parameters(int argc, char **argv);
 void save_log(char *slug, char *hostaddrp, char *h_name);
-void change_owner(char *directory);
 void set_uid_gid();
 
 char *check_banlist(char *ip_address);