Line 0
Link Here
|
|
|
1 |
--- server/mpm/experimental/itk/Makefile.in.orig 2011-07-01 10:33:45.000000000 +0000 |
2 |
+++ server/mpm/experimental/itk/Makefile.in 2011-07-01 10:33:57.000000000 +0000 |
3 |
@@ -1,5 +1,6 @@ |
4 |
|
5 |
LTLIBRARY_NAME = libitk.la |
6 |
LTLIBRARY_SOURCES = itk.c |
7 |
+LTLIBRARY_LIBADD = -lutil |
8 |
|
9 |
include $(top_srcdir)/build/ltlib.mk |
10 |
--- server/mpm/experimental/itk/itk.c.orig 2011-07-01 10:04:40.000000000 +0000 |
11 |
+++ server/mpm/experimental/itk/itk.c 2011-07-01 10:17:19.000000000 +0000 |
12 |
@@ -41,6 +41,8 @@ |
13 |
#if APR_HAVE_SYS_TYPES_H |
14 |
#include <sys/types.h> |
15 |
#endif |
16 |
+#include <pwd.h> |
17 |
+#include <login_cap.h> |
18 |
|
19 |
#define CORE_PRIVATE |
20 |
|
21 |
@@ -1438,6 +1440,8 @@ |
22 |
gid_t wanted_gid; |
23 |
const char *wanted_username; |
24 |
int err = 0; |
25 |
+ struct passwd *pw; |
26 |
+ login_cap_t *lc; |
27 |
|
28 |
itk_server_conf *sconf = |
29 |
(itk_server_conf *) ap_get_module_config(r->server->module_config, &mpm_itk_module); |
30 |
@@ -1481,6 +1485,23 @@ |
31 |
wanted_username = unixd_config.user_name; |
32 |
} |
33 |
|
34 |
+ if ((pw = getpwuid(wanted_uid)) == NULL) { |
35 |
+ _DBG("crit: invalid uid: (%ld)", wanted_uid, strerror(errno)); |
36 |
+ err = 1; |
37 |
+ } |
38 |
+ |
39 |
+ /* |
40 |
+ * Apply user resource limits based on login class. |
41 |
+ */ |
42 |
+ if ((lc = login_getclassbyname(pw->pw_class, pw)) == NULL) { |
43 |
+ _DBG("failed to login_getclassbyname()", strerror(errno)); |
44 |
+ err = 1; |
45 |
+ } |
46 |
+ if ((setusercontext(lc, pw, wanted_uid, LOGIN_SETRESOURCES)) != 0) { |
47 |
+ _DBG("failed to setusercontext()", strerror(errno)); |
48 |
+ err = 1; |
49 |
+ } |
50 |
+ |
51 |
if (!err && wanted_uid != -1 && wanted_gid != -1 && (getuid() != wanted_uid || getgid() != wanted_gid)) { |
52 |
if (setgid(wanted_gid)) { |
53 |
_DBG("setgid(%d): %s", wanted_gid, strerror(errno)); |