diff options
author | Guy Harris <guy@alum.mit.edu> | 2006-02-06 03:11:34 +0000 |
---|---|---|
committer | Guy Harris <guy@alum.mit.edu> | 2006-02-06 03:11:34 +0000 |
commit | 4c4f18eb3f756a95f550650d689b7854308695ae (patch) | |
tree | 7ef8d7904d3b4c12c104e534a354fe4ef109067e /epan/plugins.c | |
parent | 41a8855e1b67bb3909f8e86a466af397204334ad (diff) |
Add code to check whether the app was started with special privileges
(e.g., set-UID or set-GID), and don't load user plugs if it is.
svn path=/trunk/; revision=17174
Diffstat (limited to 'epan/plugins.c')
-rw-r--r-- | epan/plugins.c | 16 |
1 files changed, 12 insertions, 4 deletions
diff --git a/epan/plugins.c b/epan/plugins.c index eaa380cab8..83c7e8998f 100644 --- a/epan/plugins.c +++ b/epan/plugins.c @@ -49,6 +49,7 @@ #endif #include "filesystem.h" +#include "privileges.h" #include <wiretap/file_util.h> #include "report_err.h" @@ -415,11 +416,18 @@ init_plugins(const char *plugin_dir) g_free(datafile_dir); /* - * Scan the users plugin directory. + * If the program wasn't started with special privileges, + * scan the users plugin directory. (Even if we relinquish + * them, plugins aren't safe unless we've *permanently* + * relinquished them, and we can't do that in Ethereal as, + * if we need privileges to start capturing, we'd need to + * reclaim them before each time we start capturing.) */ - datafile_dir = get_plugins_pers_dir(); - plugins_scan_dir(datafile_dir); - g_free(datafile_dir); + if (!started_with_special_privs()) { + datafile_dir = get_plugins_pers_dir(); + plugins_scan_dir(datafile_dir); + g_free(datafile_dir); + } } } |