| From 712bc9e25bc986070b90cb1e3a08b0353a4b9bcf Mon Sep 17 00:00:00 2001 |
| From: Jorge Lucangeli Obes <jorgelo@chromium.org> |
| Date: Tue, 12 May 2015 10:17:42 -0700 |
| Subject: [PATCH] Fix dhcpcd running as a regular user. |
| |
| Update the lease file permission to 0600 to prevent other |
| users from reading the lease file. |
| |
| Moreover, also soften the log message shown when not running as root, |
| since by using Linux capabilities dhcpcd can run fine as a regular user. |
| |
| BUG=chromium-os:28336 |
| TEST=Build and boot an image, network still works. |
| TEST=New lease files are created with 0600 permissions. |
| |
| Reviewed-on: https://gerrit.chromium.org/gerrit/22644 |
| |
| --- |
| dhcp.c | 2 +- |
| dhcpcd.c | 4 ++-- |
| 2 files changed, 3 insertions(+), 3 deletions(-) |
| |
| diff --git a/dhcp.c b/dhcp.c |
| index 93a329f..ec09a28 100644 |
| --- a/dhcp.c |
| +++ b/dhcp.c |
| @@ -1082,7 +1082,7 @@ write_lease(const struct interface *ifp, const struct dhcp_message *dhcp) |
| logger(ifp->ctx, LOG_DEBUG, "%s: writing lease `%s'", |
| ifp->name, state->leasefile); |
| |
| - fd = open(state->leasefile, O_WRONLY | O_CREAT | O_TRUNC, 0644); |
| + fd = open(state->leasefile, O_WRONLY | O_CREAT | O_TRUNC, 0600); |
| if (fd == -1) |
| return -1; |
| |
| diff --git a/dhcpcd.c b/dhcpcd.c |
| index 2ffdac1..9528dc8 100644 |
| --- a/dhcpcd.c |
| +++ b/dhcpcd.c |
| @@ -1641,8 +1641,8 @@ main(int argc, char **argv) |
| #endif |
| |
| if (geteuid()) |
| - logger(&ctx, LOG_WARNING, |
| - PACKAGE " will not work correctly unless run as root"); |
| + logger(&ctx, LOG_NOTICE, |
| + PACKAGE " is running with reduced privileges"); |
| |
| #ifdef USE_SIGNALS |
| if (sig != 0) { |
| -- |
| 2.2.0.rc0.207.ga3a616c |
| |