Method: Capp.drop_privileges

Defined in:
lib/capp.rb

.drop_privileges(run_as_user, run_as_directory = nil) ⇒ Object

Drops root privileges to the given run_as_user and optionally chroots to run_as_directory. Opening a capture device requires root, so create the packet capture instance first and call this method before handling any traffic: the already open capture handle stays usable with reduced privileges.

Returns true if privileges were dropped. Returns nil when there is nothing to do, that is when the process is not root (real and effective uid 0) or when neither run_as_user nor run_as_directory is given. Raises Capp::Error if run_as_directory is given without run_as_user (a chroot that a still-root process can escape is no protection), if the user cannot be found, if the chroot fails, or if the uid/gid could not be changed.

You will be able to start and stop packet capture but not create new packet capture instances after dropping privileges. When run_as_directory is given, anything the process needs afterwards (log files, /etc/resolv.conf for name resolution, Etc lookups) must exist inside that directory, so resolve account names and open files before calling this method.

Raises:

(Capp::Error) if run_as_directory is given without run_as_user, the user cannot be found, the chroot fails, or the uid/gid cannot be changed

# File 'lib/capp.rb', line 100

def self.drop_privileges run_as_user, run_as_directory = nil
  # Nothing to drop unless we really are root (real and effective uid).
  return unless Process.uid.zero? and Process.euid.zero?
  return unless run_as_user or run_as_directory

  # A chroot only confines a process that can no longer escape it; with
  # root retained it is trivially bypassed, so refuse that combination.
  raise Capp::Error, 'chroot without dropping root is insecure' if
    run_as_directory and not run_as_user

  require 'etc'

  # Resolve the account now, before a chroot hides /etc/passwd.
  begin
    pw = if Integer === run_as_user then
           Etc.getpwuid run_as_user
         else
           Etc.getpwnam run_as_user
         end
  rescue ArgumentError
    raise Capp::Error, "could not find user #{run_as_user}"
  end

  if run_as_directory then
    begin
      Dir.chroot run_as_directory
      Dir.chdir '/'
    rescue SystemCallError => e
      raise Capp::Error, "could not chroot to #{run_as_directory} " +
                         "or change to chroot directory (#{e.message})"
    end
  end

  begin
    # Drop root's supplementary groups first; setgid alone keeps them.
    Process.groups = [pw.gid]
    # change_privilege sets the real, effective and saved ids together.
    # Process.gid= and Process.uid= change only the real id, which would
    # leave the effective uid at 0, i.e. the process would still be root.
    Process::GID.change_privilege pw.gid
    Process::UID.change_privilege pw.uid
  rescue Errno::EPERM => e
    raise Capp::Error, "unable to drop privileges to #{run_as_user} " +
                       "(#{e.message})"
  end

  true
end
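The method above returns true as soon as the id changes succeed, but a drop that only touches the real ids (the classic `Process.uid=` mistake) also "succeeds" while leaving the effective uid at 0. The following is an added example, not code from the capp gem, for checking after `Capp.drop_privileges` that the process really runs as the intended account and cannot get root back. The `PrivCheck` module name, the `NotDropped` error, the two sample credential hashes and the use of 65534 as the conventional uid/gid of `nobody` are assumptions made for this example.

```ruby
# Added example, not part of the capp gem: verify that a privilege drop
# (Capp.drop_privileges or any other) really took effect in this process.
require 'etc'

module PrivCheck
  class NotDropped < StandardError; end

  # Snapshot of the credentials the kernel currently gives this process.
  def self.state
    {
      uid:    Process.uid,
      euid:   Process.euid,
      gid:    Process.gid,
      egid:   Process.egid,
      groups: Process.groups.sort,
    }
  end

  # Pure check: returns the list of things wrong with +state+ for a process
  # that should be running only as +uid+/+gid+. An empty list means all good.
  def self.problems(state, uid, gid)
    problems = []
    problems << "real uid is #{state[:uid]}, expected #{uid}"      unless state[:uid]  == uid
    problems << "effective uid is #{state[:euid]}, expected #{uid}" unless state[:euid] == uid
    problems << "real gid is #{state[:gid]}, expected #{gid}"      unless state[:gid]  == gid
    problems << "effective gid is #{state[:egid]}, expected #{gid}" unless state[:egid] == gid
    unless state[:groups] == [gid]
      problems << "supplementary groups still #{state[:groups].inspect}"
    end
    problems
  end

  # Live probe: can this process get root back? A correct drop changes the
  # saved uid as well, so the kernel refuses the switch with EPERM.
  def self.root_regainable?
    Process::UID.change_privilege 0
    true
  rescue Errno::EPERM
    false
  end

  # Raise NotDropped unless the current process is fully and irreversibly
  # running as +uid+/+gid+. Call it right after Capp.drop_privileges, with
  # ids looked up via Etc *before* the chroot hid /etc/passwd.
  def self.verify!(uid, gid)
    found = problems(state, uid, gid)
    found << 'root privileges can be regained' if uid != 0 && root_regainable?
    raise NotDropped, found.join('; ') unless found.empty?
    true
  end
end

# Constructed sample states (not captured from a real system), using 65534
# as the conventional uid/gid of "nobody".
# What Process.uid = 65534 / Process.gid = 65534 leave behind on Linux: the
# real ids change, the effective ids stay 0 and root's groups are kept.
HALF_DROPPED  = { uid: 65534, euid: 0,     gid: 65534, egid: 0,     groups: [0] }
# What Process.groups= plus Process::GID/UID.change_privilege produce.
FULLY_DROPPED = { uid: 65534, euid: 65534, gid: 65534, egid: 65534, groups: [65534] }
```

In a capture daemon the call sequence would be: look up the account with `Etc.getpwnam` while `/etc/passwd` is still reachable, open the capture, call `Capp.drop_privileges`, then `PrivCheck.verify! pw.uid, pw.gid` and refuse to start the capture loop if it raises. The `root_regainable?` probe is deliberately the last check, since on a half-dropped process it will succeed and put the process back to full root.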