vol_id: probe volume as user nobody

[elogind.git] / extras / volume_id / vol_id.c

diff --git a/extras/volume_id/vol_id.c b/extras/volume_id/vol_id.c
index fe0b3a0ed070039201fd426cf53850d7b5f605b2..6961969c13f63e466638398d537058136cb21108 100644 (file)
--- a/extras/volume_id/vol_id.c
+++ b/extras/volume_id/vol_id.c
@@ -27,11 +27,11 @@
 #include <unistd.h>
 #include <string.h>
 #include <ctype.h>
+#include <grp.h>
 #include <sys/ioctl.h>
 
-#include "../../udev_utils.h"
-#include "../../logging.h"
-#include "volume_id/volume_id.h"
+#include "../../udev.h"
+#include "libvolume_id/volume_id.h"
 
 #define BLKGETSIZE64 _IOR(0x12,114,size_t)
 
@@ -111,6 +111,8 @@ int main(int argc, char *argv[])
        int i;
        uint64_t size;
        const char *node = NULL;
+       uid_t nobody_uid;
+       gid_t nobody_gid;
        int rc = 0;
 
        logging_init("vol_id");
@@ -145,17 +147,31 @@ int main(int argc, char *argv[])
 
        if (ioctl(vid->fd, BLKGETSIZE64, &size) != 0)
                size = 0;
+       dbg("BLKGETSIZE64=%llu", size);
+
+       /* drop all privileges */
+       nobody_uid = lookup_user("nobody");
+       nobody_gid = lookup_group("nogroup");
+       if (nobody_uid > 0 && nobody_gid > 0) {
+               if (setgroups(0, NULL) != 0 ||
+                   setgid(nobody_gid) != 0 ||
+                   setuid(nobody_uid) != 0) {
+                       rc = 3;
+                       goto exit;
+               }
+       }
 
        if (volume_id_probe_all(vid, 0, size) == 0)
                goto print;
 
        if (print != PRINT_EXPORT)
                fprintf(stderr, "%s: unknown volume type\n", node);
-       rc = 3;
+       rc = 4;
        goto exit;
 
 print:
        set_str(name, vid->label, sizeof(vid->label));
+       replace_untrusted_chars(name);
 
        switch (print) {
        case PRINT_EXPORT: