Diffstat (limited to 'privsep.go')
-rw-r--r--privsep.go36
1 files changed, 0 insertions, 36 deletions
diff --git a/privsep.go b/privsep.go
deleted file mode 100644
index 9968254..0000000
--- a/privsep.go
+++ /dev/null
@@ -1,36 +0,0 @@
-// This file implements privilege separation
-
-package main
-
-import (
- "errors"
- "net"
- "os"
- "os/user"
- "path"
- "strconv"
-
- "github.com/sarnowski/mitigation"
-)
-
-func dropPrivAndListen(userName, sockPath string) (net.Listener, error) {
- if !mitigation.CanActivate() {
- return nil, errors.New("cannot drop privileges")
- }
- usr, _ := user.Lookup(userName)
- uid, _ := strconv.Atoi(usr.Uid)
- gid, _ := strconv.Atoi(usr.Gid)
-
- socket := path.Join(usr.HomeDir, sockPath)
- os.Remove(socket)
-
- l, err := net.Listen("unix", socket)
- if err != nil {
- return nil, err
- }
- os.Chown(socket, uid, gid)
- os.Chmod(socket, 0660)
-
- mitigation.Activate(uid, gid, usr.HomeDir)
- return l, nil
-}