314 |
314 |
315 p = priv_set_to_str(priv_set, ',', 0); |
315 p = priv_set_to_str(priv_set, ',', 0); |
316 dprintf("started with privs %s", p != NULL ? p : "Unknown"); |
316 dprintf("started with privs %s", p != NULL ? p : "Unknown"); |
317 free(p); |
317 free(p); |
318 } |
318 } |
319 priv_freeset(priv_set); |
|
320 |
319 |
321 /* always start with the basic set */ |
320 /* always start with the basic set */ |
322 priv_set = priv_str_to_set("basic", ",", NULL); |
321 priv_basicset(priv_set); |
323 if (priv_set == NULL) { |
|
324 syslog(LOG_ERR, "converting basic privilege set: %m"); |
|
325 exit(EXIT_FAILURE); |
|
326 } |
|
327 (void) priv_addset(priv_set, PRIV_FILE_CHOWN_SELF); |
322 (void) priv_addset(priv_set, PRIV_FILE_CHOWN_SELF); |
328 (void) priv_addset(priv_set, PRIV_FILE_DAC_READ); |
323 (void) priv_addset(priv_set, PRIV_FILE_DAC_READ); |
329 (void) priv_addset(priv_set, PRIV_FILE_DAC_WRITE); |
324 (void) priv_addset(priv_set, PRIV_FILE_DAC_WRITE); |
330 (void) priv_addset(priv_set, PRIV_NET_PRIVADDR); |
325 (void) priv_addset(priv_set, PRIV_NET_PRIVADDR); |
331 (void) priv_addset(priv_set, PRIV_NET_RAWACCESS); |
326 (void) priv_addset(priv_set, PRIV_NET_RAWACCESS); |