diff --git a/lib/lws-plat-unix.c b/lib/lws-plat-unix.c index acd11c3b..9d10acff 100644 --- a/lib/lws-plat-unix.c +++ b/lib/lws-plat-unix.c @@ -1,5 +1,8 @@ #include "private-libwebsockets.h" +#include +#include + /* * included from libwebsockets.c for unix builds */ @@ -250,12 +253,22 @@ lws_plat_set_socket_options(struct libwebsocket_context *context, int fd) LWS_VISIBLE void lws_plat_drop_app_privileges(struct lws_context_creation_info *info) { + if (info->uid != -1) { + struct passwd *p = getpwuid(info->uid); + + if (p) { + initgroups(p->pw_name, info->gid); + if (setuid(info->uid)) + lwsl_warn("setuid: %s\n", strerror(LWS_ERRNO)); + else + lwsl_notice(" Set privs to user '%s'\n", p->pw_name); + } else + lwsl_warn("getpwuid: unable to find uid %d", info->uid); + } if (info->gid != -1) if (setgid(info->gid)) lwsl_warn("setgid: %s\n", strerror(LWS_ERRNO)); - if (info->uid != -1) - if (setuid(info->uid)) - lwsl_warn("setuid: %s\n", strerror(LWS_ERRNO)); + } LWS_VISIBLE int