First attempt at dropping privileges

author: sid77 <sid77@slackware.it> 2016-08-21 02:00:41 +0200
committer: Marco Bonetti <marco@intercom.io> 2016-08-26 10:04:41 +0100
commit: 4028762f4a81a59ccc6d6e5662fa7e341fc74336 (patch)
tree: 0124ed9d2cf5ef154c2d4923643d9bdcc1edb638 /vendor/github.com/sid77/drop/drop.go
parent: bc966492134279c03458cab2ed2f2f51104ee283 (diff)
1 files changed, 35 insertions, 0 deletions
diff --git a/vendor/github.com/sid77/drop/drop.go b/vendor/github.com/sid77/drop/drop.go
new file mode 100644
index 0000000..0fb64a9
--- /dev/null
+++ b/vendor/github.com/sid77/drop/drop.go
@@ -0,0 +1,35 @@
+package drop
+
+import (
+	"os/user"
+	"strconv"
+
+	"github.com/sid77/drop/syscall"
+)
+
+func DropPrivileges(runAsUser string) (err error) {
+	usr, err := user.Lookup(runAsUser)
+	if err != nil {
+		return err
+	}
+
+	gid, err := strconv.Atoi(usr.Gid)
+	if err != nil {
+		return err
+	}
+
+	uid, err := strconv.Atoi(usr.Uid)
+	if err != nil {
+		return err
+	}
+
+	if err = syscall.Setgid(gid); err != nil {
+		return err
+	}
+
+	if err = syscall.Setuid(uid); err != nil {
+		return err
+	}
+
+	return nil
+}
author	sid77 <sid77@slackware.it>	2016-08-21 02:00:41 +0200
committer	Marco Bonetti <marco@intercom.io>	2016-08-26 10:04:41 +0100
commit	4028762f4a81a59ccc6d6e5662fa7e341fc74336 (patch)
tree	0124ed9d2cf5ef154c2d4923643d9bdcc1edb638 /vendor/github.com/sid77/drop/drop.go
parent	bc966492134279c03458cab2ed2f2f51104ee283 (diff)