diff --git a/CHANGELOG.md b/CHANGELOG.md index 9e3224f..afd2e05 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -79,6 +79,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. ### Security - Added command line arguments for secure token read and acquire. Token presented to cloud for authentication verification. +- Included chnages to drop root capabilities for parodus process ## [1.0.0] - 2017-11-17 ### Added diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 0029f70..aa3f66c 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -15,7 +15,7 @@ set(SOURCES main.c mutex.c networking.c nopoll_helpers.c heartBeat.c nopoll_hand ParodusInternal.c string_helpers.c time.c config.c conn_interface.c connection.c spin_thread.c client_list.c service_alive.c upstream.c downstream.c thread_tasks.c partners_check.c token.c event_handler.c - crud_interface.c crud_tasks.c crud_internal.c close_retry.c auth_token.c) + crud_interface.c crud_tasks.c crud_internal.c close_retry.c auth_token.c privilege.c) if (ENABLE_SESHAT) set(SOURCES ${SOURCES} seshat_interface.c) diff --git a/src/main.c b/src/main.c index fbf92f4..85c3010 100644 --- a/src/main.c +++ b/src/main.c @@ -27,6 +27,7 @@ #include "breakpad_wrapper.h" #endif #include "signal.h" +#include "privilege.h" /*----------------------------------------------------------------------------*/ /* Macros */ @@ -104,6 +105,7 @@ int main( int argc, char **argv) memset(cfg,0,sizeof(ParodusCfg)); ParodusInfo("********** Starting component: Parodus **********\n "); + drop_root_privilege(); setDefaultValuesToCfg(cfg); if (0 != parseCommandLine(argc,argv,cfg)) { abort(); diff --git a/src/privilege.c b/src/privilege.c new file mode 100644 index 0000000..d14d6c7 --- /dev/null +++ b/src/privilege.c @@ -0,0 +1,6 @@ +#include "privilege.h" + +void drop_root_privilege() +{ + +} diff --git a/src/privilege.h b/src/privilege.h new file mode 100644 index 0000000..2654a3e --- /dev/null +++ b/src/privilege.h @@ -0,0 +1 @@ +void drop_root_privilege();