linput

Listen to input events
git clone git://git.akobets.xyz/linput
Log | Files | Refs | README | LICENSE

commit 347cf390289e543716c1c85445afeaae0da20267
parent bf8c4e403a2b0bd3beee2002ee68fe55bb4a4634
Author: Artem Kobets <artem@akobets.xyz>
Date:   Mon, 20 Apr 2020 13:56:53 +0300

drop setuid/setgid privileges on children

Diffstat:
Mlinput.c | 15+++++++++++----
1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/linput.c b/linput.c @@ -212,15 +212,22 @@ is_hotkey_active(const struct HotkeyRule *hotkey, int last_key) void run(char **cmd) { + if (cmd == NULL) + return; + switch (fork()) { case -1: fprintf(stderr, "fork: %s\n", strerror(errno)); break; case 0: - if (cmd != NULL) { - execvp(cmd[0], cmd); - fprintf(stderr, "execvp %s: %s\n", cmd[0], strerror(errno)); - } + /* drop setuid/setgid privileges */ + if (setuid(getuid()) == -1) + _exit(EXIT_FAILURE); + if (setgid(getgid()) == -1) + _exit(EXIT_FAILURE); + + execvp(cmd[0], cmd); + fprintf(stderr, "execvp %s: %s\n", cmd[0], strerror(errno)); _exit(EXIT_FAILURE); break; }