diff options
| author | Marin Ivanov <[email protected]> | 2019-03-25 00:46:46 +0200 |
|---|---|---|
| committer | Marin Ivanov <[email protected]> | 2019-03-25 00:53:11 +0200 |
| commit | d8ca90a99e8fed561db245f3e972d893334604f8 (patch) | |
| tree | fc26591d6727a71d29d42b8ae064b3e7982da8a6 /setuid_unix.go | |
| parent | 47971bdbe2ad58ac6749da632febc24c4b12da43 (diff) | |
Allow to drop privileges my changing uid/gid
This feature is only available for unix OSes and allow to setuid and
setgid after creating a listening socket.
Diffstat (limited to 'setuid_unix.go')
| -rw-r--r-- | setuid_unix.go | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/setuid_unix.go b/setuid_unix.go new file mode 100644 index 0000000..be2db7b --- /dev/null +++ b/setuid_unix.go @@ -0,0 +1,25 @@ +package main + +import ( + "errors" + "syscall" +) + +func setUidGid(syscallID uint, uidgid uint16) error { + if uidgid == 0 { + return nil + } + _, _, errno := syscall.Syscall(uintptr(syscallID), uintptr(uidgid), 0, 0) + if errno != 0 { + return errors.New(errno.Error()) + } + return nil +} + +func setUID(uid uint16) error { + return setUidGid(syscall.SYS_SETUID, uid) +} + +func setGID(gid uint16) error { + return setUidGid(syscall.SYS_SETGID, gid) +} |