140#pragma message(Reminder "TODO: implement it for Win!")
146 if (newgid == ::gid_t(-1))
150 ::gid_t oldegid = ::getegid();
151 ::gid_t oldgid = ::getgid();
152 if (newuid == ::uid_t(-1))
156 ::uid_t oldeuid = ::geteuid();
157 ::uid_t olduid = ::getuid();
166 struct passwd *newuser(NULL);
169 newuser = ::getpwuid(newuid);
173 ::initgroups(newuser->pw_name, newgid);
177 ::setgroups(1, &newgid);
181 if (newgid != oldegid)
183#if defined(BLOCXX_HAVE_SETRESGID) && !defined(BLOCXX_BROKEN_SETRESGID)
184 ABORT_ERRNO_IF(::setresgid(newgid, newgid, newgid) == -1,
"drop_privileges [1]");
185#elif defined(BLOCXX_HAVE_SETREGID) && !defined(BLOCXX_BROKEN_SETREGID)
186 ABORT_ERRNO_IF(::setregid(newgid, newgid) == -1,
"drop_privileges [1]");
193 if (newuid != oldeuid)
195#if defined(BLOCXX_HAVE_SETRESUID) && !defined(BLOCXX_BROKEN_SETRESUID)
196 ABORT_ERRNO_IF(::setresuid(newuid, newuid, newuid) == -1,
"drop_privileges [2]");
197#elif defined(BLOCXX_HAVE_SETREUID) && !defined(BLOCXX_BROKEN_SETREUID)
198 ABORT_ERRNO_IF(::setreuid(newuid, newuid) == -1,
"drop_privileges [2]");
200#if !defined(BLOCXX_SETEUID_BREAKS_SETUID)
209 ABORT_IF(::getgid() != newgid || ::getegid() != newgid,
"drop_privileges [3]");
213 newuid != 0 && newgid != oldegid &&
214#
if defined(BLOCXX_HAVE_SETRESGID) && !defined(BLOCXX_BROKEN_SETRESGID)
215 (::setresgid(oldegid, oldegid, oldegid) != -1 || ::setgid(oldgid) != -1),
216#elif defined(BLOCXX_HAVE_SETREGID) && !defined(BLOCXX_BROKEN_SETREGID)
217 (::setregid(oldegid, oldegid) != -1 || ::setgid(oldgid) != -1),
219 (::setegid(oldegid) != -1 || ::setgid(oldgid) != -1),
221 "drop_privileges [4]"
225 ABORT_IF(::getuid() != newuid || ::geteuid() != newuid,
"drop_privileges [5]");
229 newuid != 0 && newuid != oldeuid &&
230#
if defined(BLOCXX_HAVE_SETRESUID) && !defined(BLOCXX_BROKEN_SETRESUID)
231 (::setresuid(oldeuid, oldeuid, oldeuid) != -1 || ::setuid(olduid) != -1),
232#elif defined(BLOCXX_HAVE_SETREUID) && !defined(BLOCXX_BROKEN_SETREUID)
233 (::setreuid(oldeuid, oldeuid) != -1 || ::setuid(olduid) != -1),
235 (::seteuid(oldeuid) != -1 || ::setuid(olduid) != -1),
237 "drop_privileges [6]"