/* are we running as non-root? This is used by the regresison test code,
and potentially also for sites that want non-root smbd */
static uid_t initial_uid;
+static gid_t initial_gid;
/****************************************************************************
remember what uid we got started as - this allows us to run correctly
void sec_init(void)
{
initial_uid = geteuid();
+ initial_gid = getegid();
}
/****************************************************************************
return initial_uid;
}
+/****************************************************************************
+some code (eg. winbindd, profiling shm) needs to know what gid we started as
+****************************************************************************/
+gid_t sec_initial_gid(void)
+{
+ return initial_gid;
+}
+
/****************************************************************************
are we running in non-root mode?
****************************************************************************/
return False;
}
-#if 0
- if (shm_ds.shm_perm.cuid != 0 || shm_ds.shm_perm.cgid != 0) {
- DEBUG(0,("ERROR: root did not create the shmem\n"));
+ if (shm_ds.shm_perm.cuid != sec_initial_uid() || shm_ds.shm_perm.cgid != sec_initial_gid()) {
+ DEBUG(0,("ERROR: we did not create the shmem (owned by another user)\n"));
return False;
}
-#endif
if (shm_ds.shm_segsz != sizeof(*profile_h)) {
DEBUG(0,("WARNING: profile size is %d (expected %d). Deleting\n",
git.samba.org / ira / wip.git / commitdiff