From 831c023aa4b58783bfd3bfc5af895dc2beb61761 Mon Sep 17 00:00:00 2001
From: Christian Grothoff <christian@grothoff.org>
Date: Fri, 16 Nov 2012 16:05:25 +0000
Subject: -assert privs when needed

---
 src/transport/gnunet-helper-transport-wlan.c | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

(limited to 'src/transport')

diff --git a/src/transport/gnunet-helper-transport-wlan.c b/src/transport/gnunet-helper-transport-wlan.c
index 0343b161b..649a6cf18 100644
--- a/src/transport/gnunet-helper-transport-wlan.c
+++ b/src/transport/gnunet-helper-transport-wlan.c
@@ -1867,6 +1867,22 @@ main (int argc, char *argv[])
   struct MessageStreamTokenizer *stdin_mst;
   int raw_eno;
 
+  /* assert privs so we can modify the firewall rules! */
+  uid = getuid ();
+#ifdef HAVE_SETRESUID
+  if (0 != setresuid (uid, 0, 0))
+  {
+    fprintf (stderr, "Failed to setresuid to root: %s\n", strerror (errno));
+    return 254;
+  }
+#else
+  if (0 != seteuid (0)) 
+  {
+    fprintf (stderr, "Failed to seteuid back to root: %s\n", strerror (errno));
+    return 254;
+  }
+#endif
+
   /* make use of SGID capabilities on POSIX */
   memset (&dev, 0, sizeof (dev));
   dev.fd_raw = socket (PF_PACKET, SOCK_RAW, htons (ETH_P_ALL));
-- 
cgit v1.2.3