aboutsummaryrefslogtreecommitdiff
path: root/slock.c
diff options
context:
space:
mode:
Diffstat (limited to 'slock.c')
-rw-r--r--slock.c36
1 files changed, 28 insertions, 8 deletions
diff --git a/slock.c b/slock.c
index 154a091..467937c 100644
--- a/slock.c
+++ b/slock.c
@@ -44,6 +44,21 @@ die(const char *errstr, ...) {
44 exit(EXIT_FAILURE); 44 exit(EXIT_FAILURE);
45} 45}
46 46
47#ifdef __linux__
48#include <fcntl.h>
49
50static void
51dontkillme(void) {
52 int fd;
53
54 fd = open("/proc/self/oom_score_adj", O_WRONLY);
55 if (fd < 0 && errno == ENOENT)
56 return;
57 if (fd < 0 || write(fd, "-1000\n", 6) != 6 || close(fd) != 0)
58 die("cannot disable the out-of-memory killer for this process\n");
59}
60#endif
61
47#ifndef HAVE_BSD_AUTH 62#ifndef HAVE_BSD_AUTH
48static const char * 63static const char *
49getpw(void) { /* only run as root */ 64getpw(void) { /* only run as root */
@@ -52,7 +67,7 @@ getpw(void) { /* only run as root */
52 67
53 pw = getpwuid(getuid()); 68 pw = getpwuid(getuid());
54 if(!pw) 69 if(!pw)
55 die("slock: cannot retrieve password entry (make sure to suid or sgid slock)"); 70 die("slock: cannot retrieve password entry (make sure to suid or sgid slock)\n");
56 endpwent(); 71 endpwent();
57 rval = pw->pw_passwd; 72 rval = pw->pw_passwd;
58 73
@@ -68,8 +83,9 @@ getpw(void) { /* only run as root */
68#endif 83#endif
69 84
70 /* drop privileges */ 85 /* drop privileges */
71 if(setgid(pw->pw_gid) < 0 || setuid(pw->pw_uid) < 0) 86 if (geteuid() == 0
72 die("slock: cannot drop privileges"); 87 && ((getegid() != pw->pw_gid && setgid(pw->pw_gid) < 0) || setuid(pw->pw_uid) < 0))
88 die("slock: cannot drop privileges\n");
73 return rval; 89 return rval;
74} 90}
75#endif 91#endif
@@ -114,9 +130,9 @@ readpw(Display *dpy, const char *pws)
114#ifdef HAVE_BSD_AUTH 130#ifdef HAVE_BSD_AUTH
115 running = !auth_userokay(getlogin(), NULL, "auth-xlock", passwd); 131 running = !auth_userokay(getlogin(), NULL, "auth-xlock", passwd);
116#else 132#else
117 running = strcmp(crypt(passwd, pws), pws); 133 running = !!strcmp(crypt(passwd, pws), pws);
118#endif 134#endif
119 if(running != False) 135 if(running)
120 XBell(dpy, 100); 136 XBell(dpy, 100);
121 len = 0; 137 len = 0;
122 break; 138 break;
@@ -244,20 +260,24 @@ main(int argc, char **argv) {
244 else if(argc != 1) 260 else if(argc != 1)
245 usage(); 261 usage();
246 262
263#ifdef __linux__
264 dontkillme();
265#endif
266
247 if(!getpwuid(getuid())) 267 if(!getpwuid(getuid()))
248 die("slock: no passwd entry for you"); 268 die("slock: no passwd entry for you\n");
249 269
250#ifndef HAVE_BSD_AUTH 270#ifndef HAVE_BSD_AUTH
251 pws = getpw(); 271 pws = getpw();
252#endif 272#endif
253 273
254 if(!(dpy = XOpenDisplay(0))) 274 if(!(dpy = XOpenDisplay(0)))
255 die("slock: cannot open display"); 275 die("slock: cannot open display\n");
256 /* Get the number of screens in display "dpy" and blank them all. */ 276 /* Get the number of screens in display "dpy" and blank them all. */
257 nscreens = ScreenCount(dpy); 277 nscreens = ScreenCount(dpy);
258 locks = malloc(sizeof(Lock *) * nscreens); 278 locks = malloc(sizeof(Lock *) * nscreens);
259 if(locks == NULL) 279 if(locks == NULL)
260 die("slock: malloc: %s", strerror(errno)); 280 die("slock: malloc: %s\n", strerror(errno));
261 int nlocks = 0; 281 int nlocks = 0;
262 for(screen = 0; screen < nscreens; screen++) { 282 for(screen = 0; screen < nscreens; screen++) {
263 if ( (locks[screen] = lockscreen(dpy, screen)) != NULL) 283 if ( (locks[screen] = lockscreen(dpy, screen)) != NULL)