projects / debian / amanda / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge branch 'upstream'
[debian/amanda] / server-src / planner.c
diff --git a/server-src/planner.c b/server-src/planner.c
index 1c612e4f53e73146d587991403f5aa30aa74efe5..2f3c378e44a1c1f9cd48e9fb238591fcef6183a1 100644 (file)
--- a/server-src/planner.c
+++ b/server-src/planner.c
@@ -248,6 +248,23 @@ main(
 
     protocol_init();
 
+    ruid = getuid();
+    if(geteuid() == 0) {
+       seteuid(ruid);
+       setgid(getgid());
+    }
+
+    /*
+     * From this point on we are running under our real uid, so we don't
+     * have to worry about opening security holes below.  Make sure we
+     * are a valid user.
+     */
+
+    if(getpwuid(getuid()) == NULL) {
+       error("can't get login name for my uid %ld", (long)getuid());
+       /*NOTREACHED*/
+    }
+
     /*
      * 2. Read in Configuration Information
      *
@@ -590,6 +607,12 @@ main(
                    walltime_str(timessub(curclock(), section_start)));
 
 
+    /* done with prvileged ops, make sure root privilege is dropped */
+    if ( geteuid() == 0 ) {
+      setuid(ruid);
+      seteuid(ruid);
+    }
+
     /*
      * 9. Output Schedule
      *
@@ -1932,6 +1955,7 @@ static void handle_result(
                amfree(qname);
            }
        }
+       amfree(qname);
     }
     if(i == 0) {
        /*
Debian packaging of amanda