From ba3acfc0dcf1d0603bd9d6bdee1e319339b1a509 Mon Sep 17 00:00:00 2001 From: Anselm R Garbe Date: Fri, 2 Aug 2013 22:11:18 +0200 Subject: applied Robert Schneider's Linux suggestions, also bumped version and updated LICENSE file's copyright notice --- LICENSE | 2 +- config.mk | 2 +- slock.c | 36 ++++++++++++++++++++++++++++-------- 3 files changed, 30 insertions(+), 10 deletions(-) diff --git a/LICENSE b/LICENSE index 5626eab..1c5152a 100644 --- a/LICENSE +++ b/LICENSE @@ -1,6 +1,6 @@ MIT/X Consortium License -© 2006-2012 Anselm R Garbe +© 2006-2013 Anselm R Garbe Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), diff --git a/config.mk b/config.mk index 982d7a6..8cc3f68 100644 --- a/config.mk +++ b/config.mk @@ -1,5 +1,5 @@ # slock version -VERSION = 1.1 +VERSION = 1.2 # Customize below to fit your system diff --git a/slock.c b/slock.c index 154a091..467937c 100644 --- a/slock.c +++ b/slock.c @@ -44,6 +44,21 @@ die(const char *errstr, ...) { exit(EXIT_FAILURE); } +#ifdef __linux__ +#include + +static void +dontkillme(void) { + int fd; + + fd = open("/proc/self/oom_score_adj", O_WRONLY); + if (fd < 0 && errno == ENOENT) + return; + if (fd < 0 || write(fd, "-1000\n", 6) != 6 || close(fd) != 0) + die("cannot disable the out-of-memory killer for this process\n"); +} +#endif + #ifndef HAVE_BSD_AUTH static const char * getpw(void) { /* only run as root */ @@ -52,7 +67,7 @@ getpw(void) { /* only run as root */ pw = getpwuid(getuid()); if(!pw) - die("slock: cannot retrieve password entry (make sure to suid or sgid slock)"); + die("slock: cannot retrieve password entry (make sure to suid or sgid slock)\n"); endpwent(); rval = pw->pw_passwd; @@ -68,8 +83,9 @@ getpw(void) { /* only run as root */ #endif /* drop privileges */ - if(setgid(pw->pw_gid) < 0 || setuid(pw->pw_uid) < 0) - die("slock: cannot drop privileges"); + if (geteuid() == 0 + && ((getegid() != pw->pw_gid && setgid(pw->pw_gid) < 0) || setuid(pw->pw_uid) < 0)) + die("slock: cannot drop privileges\n"); return rval; } #endif @@ -114,9 +130,9 @@ readpw(Display *dpy, const char *pws) #ifdef HAVE_BSD_AUTH running = !auth_userokay(getlogin(), NULL, "auth-xlock", passwd); #else - running = strcmp(crypt(passwd, pws), pws); + running = !!strcmp(crypt(passwd, pws), pws); #endif - if(running != False) + if(running) XBell(dpy, 100); len = 0; break; @@ -244,20 +260,24 @@ main(int argc, char **argv) { else if(argc != 1) usage(); +#ifdef __linux__ + dontkillme(); +#endif + if(!getpwuid(getuid())) - die("slock: no passwd entry for you"); + die("slock: no passwd entry for you\n"); #ifndef HAVE_BSD_AUTH pws = getpw(); #endif if(!(dpy = XOpenDisplay(0))) - die("slock: cannot open display"); + die("slock: cannot open display\n"); /* Get the number of screens in display "dpy" and blank them all. */ nscreens = ScreenCount(dpy); locks = malloc(sizeof(Lock *) * nscreens); if(locks == NULL) - die("slock: malloc: %s", strerror(errno)); + die("slock: malloc: %s\n", strerror(errno)); int nlocks = 0; for(screen = 0; screen < nscreens; screen++) { if ( (locks[screen] = lockscreen(dpy, screen)) != NULL) -- cgit v1.2.3