summaryrefslogtreecommitdiffstats
path: root/lib/parse_ini.c
diff options
context:
space:
mode:
authorHolger Weiss <holger@zedat.fu-berlin.de>2014-06-18 21:22:12 (GMT)
committerHolger Weiss <holger@zedat.fu-berlin.de>2014-06-18 21:22:12 (GMT)
commit48025ff39c3a78b7805bf803ac96730cef53e15c (patch)
treebbaf7c1147cf8077547bc47d5839a0e058f66765 /lib/parse_ini.c
parent2bf7647be60cd53d9e54fdcf970a90fe08797819 (diff)
downloadmonitoring-plugins-48025ff39c3a78b7805bf803ac96730cef53e15c.tar.gz
lib/parse_ini.c: Drop privileges for reading file
Read the configuration file with privileges temporarily dropped if the code is used by a setuid plugin.
Diffstat (limited to 'lib/parse_ini.c')
-rw-r--r--lib/parse_ini.c10
1 files changed, 10 insertions, 0 deletions
diff --git a/lib/parse_ini.c b/lib/parse_ini.c
index 447bd45..86b94e7 100644
--- a/lib/parse_ini.c
+++ b/lib/parse_ini.c
@@ -22,6 +22,7 @@
22*****************************************************************************/ 22*****************************************************************************/
23 23
24#include "common.h" 24#include "common.h"
25#include "idpriv.h"
25#include "utils_base.h" 26#include "utils_base.h"
26#include "parse_ini.h" 27#include "parse_ini.h"
27 28
@@ -118,6 +119,11 @@ np_get_defaults(const char *locator, const char *default_section)
118 FILE *inifile = NULL; 119 FILE *inifile = NULL;
119 np_arg_list *defaults = NULL; 120 np_arg_list *defaults = NULL;
120 np_ini_info i; 121 np_ini_info i;
122 int is_suid_plugin = mp_suid();
123
124 if (is_suid_plugin && idpriv_temp_drop() == -1)
125 die(STATE_UNKNOWN, _("Cannot drop privileges: %s\n"),
126 strerror(errno));
121 127
122 parse_locator(locator, default_section, &i); 128 parse_locator(locator, default_section, &i);
123 inifile = strcmp(i.file, "-") == 0 ? stdin : fopen(i.file, "r"); 129 inifile = strcmp(i.file, "-") == 0 ? stdin : fopen(i.file, "r");
@@ -133,6 +139,10 @@ np_get_defaults(const char *locator, const char *default_section)
133 if (inifile != stdin) 139 if (inifile != stdin)
134 fclose(inifile); 140 fclose(inifile);
135 free(i.stanza); 141 free(i.stanza);
142 if (is_suid_plugin && idpriv_temp_restore() == -1)
143 die(STATE_UNKNOWN, _("Cannot restore privileges: %s\n"),
144 strerror(errno));
145
136 return defaults; 146 return defaults;
137} 147}
138 148