From 371f5beec60f9ea8b13d2ae55094c8bc8841aa3d Mon Sep 17 00:00:00 2001
From: David Phillips <dbphillipsnz@gmail.com>
Date: Mon, 18 Jul 2016 10:02:45 +1200
Subject: Drop privileges down to nobody, general fix-ups.

---
 brightnessd.c | 53 ++++++++++++++++++++++++++++++++++++++++++++---------
 1 file changed, 44 insertions(+), 9 deletions(-)

diff --git a/brightnessd.c b/brightnessd.c
index 24af9ad..ebd71a2 100644
--- a/brightnessd.c
+++ b/brightnessd.c
@@ -6,12 +6,14 @@
 #include <sys/stat.h>
 #include <fcntl.h>
 #include <poll.h>
+#include <pwd.h>
 
 #define FIFO_PATH   "/tmp/brightnessd-fifo"
 #define BRIGHT_FILE	"/sys/class/backlight/radeon_bl0/brightness"
 #define DELAY		5
 #define STEP		1
 #define BIG_STEP	10
+#define USER        "nobody"
 
 int get_now(FILE *f)
 {
@@ -39,6 +41,11 @@ int main(int argc, char **argv)
 	int target = 0;
 	int now = 0;
 	FILE *f = NULL;
+	int fifo = 0;
+	struct pollfd fds;
+	struct passwd *p;
+	int delay = 0;
+	int nread = 0;
 	char buffer[4]; /* size 4 because max bright is 255, plus null terminator */
 
 	/* Open brightness file */
@@ -51,28 +58,56 @@ int main(int argc, char **argv)
 	now = get_now(f);
 	target = now;
 
-	/* create and open a FIFO */
+	/* create and open fifo, using chmod since mkfifo is affected by umask */
 	remove(FIFO_PATH);
 	mkfifo(FIFO_PATH, 0666);
 	chmod(FIFO_PATH, 0666);
 
 	/* FIXME : check return val */
-	int fifo = open(FIFO_PATH, O_RDWR);
+	fifo = open(FIFO_PATH, O_RDWR);
 
-	struct pollfd fds[1];
 
-	fds[0].fd = fifo;
-	fds[0].events = POLLIN;
+	fds.fd = fifo;
+	fds.events = POLLIN;
 
-	int delay = -1;
+	p = getpwnam(USER);
 
+	if (p == NULL)
+	{
+		fprintf(stderr, "Failed to get uid and gid of user \""USER"\", bailing\n");
+		return 1;
+	}
+
+	if (setgid(p->pw_gid))
+	{
+		fprintf(stderr, "Failed to set gid to %d\n", p->pw_gid);
+		perror("setuid");
+		return 1;
+	}
+
+	if (setuid(p->pw_uid))
+	{
+		fprintf(stderr, "Failed to set uid to %d\n", p->pw_uid);
+		perror("setuid");
+		return 1;
+	}
+
+	if (!setuid(0) || !setgid(0))
+	{
+		fprintf(stderr, "Got uid 0 or gid 0 back after dropping, bailing\n");
+		return 1;
+	}
+
+	delay = -1;
 	while(1)
 	{
-		poll(fds, 1, delay);
-		if (fds[0].revents & POLLIN)
+		poll(&fds, 1, delay);
+		if (fds.revents & POLLIN)
 		{
 			delay = DELAY;
-			read(fifo, buffer, sizeof(buffer));
+			nread = read(fifo, buffer, sizeof(buffer));
+			if (nread == 0)
+				perror("read");
 			switch(buffer[0])
 			{
 				case '+':
-- 
cgit v1.1