commit: 81ba4ff7dde1e7ff4ad54954ba701654c7242af8
parent 045e46eb079aed110cd87003acd89174c045a145
Author: Haelwenn (lanodan) Monnier <contact@hacktivis.me>
Date: Tue, 1 Dec 2020 04:24:32 +0100
Drop support for running as root
Diffstat:
2 files changed, 11 insertions(+), 29 deletions(-)
diff --git a/README b/README
@@ -7,7 +7,7 @@ Inaban: Nickname of “稲葉姫子 (Inaba Himeko)”, a character in Kokoro Con
- (lib)xkbcommon
# Installation
-The usual `make ; make install` works, if you do not have systemd-login or a replacement of it (such as elogind) you can setuid/setgid root `inaban` and she'll drop the permissions. Running inaban as root is unsupported.
+The usual `make ; make install` works. Running inaban as root (setuid included) is unsupported, you need to use something like seatd or {e,systemd-}logind.
# Inspirations
## XMonad
diff --git a/inaban.c b/inaban.c
@@ -1,4 +1,4 @@
-// Copyright 2019 Haelwenn (lanodan) Monnier <contact+inaban@hacktivis.me>
+// Copyright 2019-2020 Haelwenn (lanodan) Monnier <contact+inaban@hacktivis.me>
// SPDX-License-Identifier: BSD-3-Clause
// Based on wlroots's TinyWL which is distributed under CC0
@@ -591,28 +591,6 @@ server_new_xdg_surface(struct wl_listener *listener, void *data)
wl_list_insert(&server->views, &view->link);
}
-static bool
-drop_permissions(void)
-{
- if(getuid() != geteuid() || getgid() != getegid())
- {
- if(setuid(getuid()) != 0 || setgid(getgid()) != 0)
- {
- wlr_log(WLR_ERROR, "Unable to drop root, refusing to continue");
- return false;
- }
- }
- if(setuid(0) != -1)
- {
- wlr_log(
- WLR_ERROR,
- "Unable to drop root (we shouldn't be able to restore it after setuid), refusing to start");
- return false;
- }
-
- return true;
-}
-
void
quit(const Arg *arg)
{
@@ -642,6 +620,15 @@ main(int argc, char *argv[])
struct wlr_server_decoration_manager *server_decoration_manager = NULL;
+ if((getuid()*geteuid()*getgid()*getegid()) == 0)
+ {
+ wlr_log(WLR_ERROR, "running as root, refusing to continue");
+ return 1;
+ }
+
+ // handle SIGTERM signals
+ signal(SIGTERM, sigterm_handler);
+
int c;
while((c = getopt(argc, argv, "s:h")) != -1)
{
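Review bot: The root check `if((getuid()*geteuid()*getgid()*getegid()) == 0)` multiplies four unsigned ids, so on platforms where `uid_t`/`gid_t` are 32-bit the product can wrap to zero for ids that are all non-zero (for example a uid and a gid of 65536 each), and an unprivileged user is then refused. Comparing each id explicitly avoids the wraparound and states the intent directly: `if(getuid() == 0 || geteuid() == 0 || getgid() == 0 || getegid() == 0)`. The check also only looks for id 0, so with `drop_permissions()` removed, a binary installed setuid/setgid to a non-root account still starts with elevated ids. If the README's "setuid included" is meant to cover that case, also refuse when `getuid() != geteuid() || getgid() != getegid()`, and add a short comment above the check saying why it runs before the backend is created. The body of `main` continues outside this hunk.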
@@ -673,11 +660,6 @@ main(int argc, char *argv[])
* don't). */
server.backend = wlr_backend_autocreate(server.wl_display, NULL);
- if(!drop_permissions()) abort();
-
- // handle SIGTERM signals
- signal(SIGTERM, sigterm_handler);
-
/* If we don't provide a renderer, autocreate makes a GLES2 renderer for us.
* The renderer is responsible for defining the various pixel formats it
* supports for shared memory, this configures that for clients. */