1 files changed, 11 insertions, 2 deletions
diff --git a/opentracker.c b/opentracker.c
index 2d2058b..f9dc48b 100644
--- a/opentracker.c
+++ b/opentracker.c
@@ -24,6 +24,7 @@
 #include <errno.h>
 #include <signal.h>
 #include <stdio.h>
+#include <pwd.h>
 #include "trackerlogic.h"
 #include "scan_urlencoded_query.h"
@@ -736,6 +737,7 @@ static void ot_try_bind( char ip[4], uint16 port, int is_tcp ) {
 }
 int main( int argc, char **argv ) {
+  struct passwd *pws = NULL;
  char serverip[4] = {0,0,0,0};
  char *serverdir = ".";
  int scanon = 1;
@@ -759,8 +761,15 @@ int main( int argc, char **argv ) {
    ot_try_bind( serverip, 6969, 1 );
    ot_try_bind( serverip, 6969, 0 );
  }
-  setegid( (gid_t)-2 ); setuid( (uid_t)-2 );
-  setgid( (gid_t)-2 ); seteuid( (uid_t)-2 );
+  pws = getpwnam( "nobody ");
+  if( !pws ) {
+    setegid( (gid_t)-2 ); setuid( (uid_t)-2 );
+    setgid( (gid_t)-2 ); seteuid( (uid_t)-2 );
+  } else {
+    setegid( pws->pw_gid ); setuid( pws->pw_uid );
+    setgid( pws->pw_gid ); seteuid( pws->pw_uid );
+  }
  signal( SIGPIPE, SIG_IGN );
  signal( SIGINT,  graceful );

diff --git a/opentracker.c b/opentracker.c index 2d2058b..f9dc48b 100644 --- a/opentracker.c +++ b/opentracker.c
@@ -24,6 +24,7 @@
24	#include <errno.h>	24	#include <errno.h>
25	#include <signal.h>	25	#include <signal.h>
26	#include <stdio.h>	26	#include <stdio.h>
		27	#include <pwd.h>
27		28
28	#include "trackerlogic.h"	29	#include "trackerlogic.h"
29	#include "scan_urlencoded_query.h"	30	#include "scan_urlencoded_query.h"
@@ -736,6 +737,7 @@ static void ot_try_bind( char ip[4], uint16 port, int is_tcp ) {
736	}	737	}
737		738
738	int main( int argc, char **argv ) {	739	int main( int argc, char **argv ) {
		740	struct passwd *pws = NULL;
739	char serverip[4] = {0,0,0,0};	741	char serverip[4] = {0,0,0,0};
740	char *serverdir = ".";	742	char *serverdir = ".";
741	int scanon = 1;	743	int scanon = 1;
@@ -759,8 +761,15 @@ int main( int argc, char **argv ) {
759	ot_try_bind( serverip, 6969, 1 );	761	ot_try_bind( serverip, 6969, 1 );
760	ot_try_bind( serverip, 6969, 0 );	762	ot_try_bind( serverip, 6969, 0 );
761	}	763	}
762	setegid( (gid_t)-2 ); setuid( (uid_t)-2 );	764
763	setgid( (gid_t)-2 ); seteuid( (uid_t)-2 );	765	pws = getpwnam( "nobody ");
		766	if( !pws ) {
		767	setegid( (gid_t)-2 ); setuid( (uid_t)-2 );
		768	setgid( (gid_t)-2 ); seteuid( (uid_t)-2 );
		769	} else {
		770	setegid( pws->pw_gid ); setuid( pws->pw_uid );
		771	setgid( pws->pw_gid ); seteuid( pws->pw_uid );
		772	}
764		773
765	signal( SIGPIPE, SIG_IGN );	774	signal( SIGPIPE, SIG_IGN );
766	signal( SIGINT, graceful );	775	signal( SIGINT, graceful );