X-Git-Url: https://git.armaanb.net/?a=blobdiff_plain;f=slock.c;h=d281965809db3017767aa5f12cbd99dd31c97482;hb=4339b507af01421e2deab63ca9ac3c5bdae5f4cc;hp=154a0918bee1b272ddd911d2c3736d08ef2b99ca;hpb=d276b9b0e01ea086e48ea8327efa0f9ebddca621;p=slock.git diff --git a/slock.c b/slock.c index 154a091..d281965 100644 --- a/slock.c +++ b/slock.c @@ -44,32 +44,51 @@ die(const char *errstr, ...) { exit(EXIT_FAILURE); } +#ifdef __linux__ +#include + +static void +dontkillme(void) { + int fd; + + fd = open("/proc/self/oom_score_adj", O_WRONLY); + if (fd < 0 && errno == ENOENT) + return; + if (fd < 0 || write(fd, "-1000\n", 6) != 6 || close(fd) != 0) + die("cannot disable the out-of-memory killer for this process\n"); +} +#endif + #ifndef HAVE_BSD_AUTH static const char * getpw(void) { /* only run as root */ const char *rval; struct passwd *pw; + errno = 0; pw = getpwuid(getuid()); - if(!pw) - die("slock: cannot retrieve password entry (make sure to suid or sgid slock)"); - endpwent(); + if (!pw) { + if (errno) + die("slock: getpwuid: %s\n", strerror(errno)); + else + die("slock: cannot retrieve password entry (make sure to suid or sgid slock)\n"); + } rval = pw->pw_passwd; #if HAVE_SHADOW_H - if (strlen(rval) >= 1) { /* kludge, assumes pw placeholder entry has len >= 1 */ + if (rval[0] == 'x' && rval[1] == '\0') { struct spwd *sp; sp = getspnam(getenv("USER")); if(!sp) die("slock: cannot retrieve shadow entry (make sure to suid or sgid slock)\n"); - endspent(); rval = sp->sp_pwdp; } #endif /* drop privileges */ - if(setgid(pw->pw_gid) < 0 || setuid(pw->pw_uid) < 0) - die("slock: cannot drop privileges"); + if (geteuid() == 0 + && ((getegid() != pw->pw_gid && setgid(pw->pw_gid) < 0) || setuid(pw->pw_uid) < 0)) + die("slock: cannot drop privileges\n"); return rval; } #endif @@ -114,9 +133,9 @@ readpw(Display *dpy, const char *pws) #ifdef HAVE_BSD_AUTH running = !auth_userokay(getlogin(), NULL, "auth-xlock", passwd); #else - running = strcmp(crypt(passwd, pws), pws); + running = !!strcmp(crypt(passwd, pws), pws); #endif - if(running != False) + if(running) XBell(dpy, 100); len = 0; break; @@ -128,7 +147,7 @@ readpw(Display *dpy, const char *pws) --len; break; default: - if(num && !iscntrl((int) buf[0]) && (len + num < sizeof passwd)) { + if(num && !iscntrl((int) buf[0]) && (len + num < sizeof passwd)) { memcpy(passwd + len, buf, num); len += num; } @@ -244,20 +263,24 @@ main(int argc, char **argv) { else if(argc != 1) usage(); +#ifdef __linux__ + dontkillme(); +#endif + if(!getpwuid(getuid())) - die("slock: no passwd entry for you"); + die("slock: no passwd entry for you\n"); #ifndef HAVE_BSD_AUTH pws = getpw(); #endif if(!(dpy = XOpenDisplay(0))) - die("slock: cannot open display"); + die("slock: cannot open display\n"); /* Get the number of screens in display "dpy" and blank them all. */ nscreens = ScreenCount(dpy); locks = malloc(sizeof(Lock *) * nscreens); if(locks == NULL) - die("slock: malloc: %s", strerror(errno)); + die("slock: malloc: %s\n", strerror(errno)); int nlocks = 0; for(screen = 0; screen < nscreens; screen++) { if ( (locks[screen] = lockscreen(dpy, screen)) != NULL)