From: Ian Jackson <ijackson@chiark.greenend.org.uk>
Date: Tue, 30 Sep 2014 17:07:10 +0000 (+0100)
Subject: secnet: provide will_droppriv
X-Git-Tag: base.ipv6-polypath-fixes-2.v1~42
X-Git-Url: https://git.distorted.org.uk/~mdw/secnet/commitdiff_plain/64f5ae57aece3480ab79a93fc1b310e8b5ce22e9?hp=83692003d26df90e149a3e627dbf4aaaad2ddb72

secnet: provide will_droppriv

polypath is going to want to know whether to do privsep.

Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
---

diff --git a/secnet.c b/secnet.c
index 111a1b0..024744c 100644
--- a/secnet.c
+++ b/secnet.c
@@ -383,6 +383,12 @@ static void run(void)
     free(fds);
 }
 
+bool_t will_droppriv(void)
+{
+    assert(current_phase >= PHASE_SETUP);
+    return !!uid;
+}
+
 /* Surrender privileges, if necessary */
 static void droppriv(void)
 {
diff --git a/secnet.h b/secnet.h
index b2f6927..7fbe157 100644
--- a/secnet.h
+++ b/secnet.h
@@ -274,6 +274,11 @@ extern void enter_phase(uint32_t new_phase);
 extern bool_t require_root_privileges;
 extern cstring_t require_root_privileges_explanation;
 
+/* Some modules may want to know whether secnet is going to drop
+   privilege, so that they know whether to do privsep.  Call only
+   in phases SETUP and later. */
+bool_t will_droppriv(void);
+
 /***** END of program lifetime support *****/
 
 /***** MODULE support *****/