Merge "Adds error handling when a change of user privilege has failed." into tizen

diff --git a/src/file_sync_service.c b/src/file_sync_service.c
index 5fc6642..bd0bf98 100644 (file)
--- a/src/file_sync_service.c
+++ b/src/file_sync_service.c
@@ -685,7 +685,10 @@ void file_sync_service(int fd, void *cookie)
             D("sync: '%s' '%s'\n", (char*) &msg.req, name);
 
             if (should_drop_privileges() && !verify_sync_rule(name)) {
-                set_sdk_user_privileges();
+                if (getuid() != g_sdk_user_id && set_sdk_user_privileges() < 0) {
+                    fail_message(fd, "failed to set SDK user privileges.");
+                    goto fail;
+                }
             }
 
             switch(msg.req.id) {

diff --git a/src/sdb.c b/src/sdb.c
index f257a0f..d421ba7 100644 (file)
--- a/src/sdb.c
+++ b/src/sdb.c
@@ -1538,14 +1538,17 @@ int set_sdk_user_privileges() {
 
     if (sdbd_set_groups() < 0) {
         D("set groups failed (errno: %d)\n", errno);
+        return -1;
     }
 
     if (setgid(g_sdk_group_id) != 0) {
         D("set group id failed (errno: %d)\n", errno);
+        return -1;
     }
 
     if (setuid(g_sdk_user_id) != 0) {
         D("set user id failed (errno: %d)\n", errno);
+        return -1;
     }
 
     if (chdir(g_sdk_home_dir) < 0) {

diff --git a/src/services.c b/src/services.c
index b6d960a..2478680 100644 (file)
--- a/src/services.c
+++ b/src/services.c
@@ -493,7 +493,10 @@ static int create_subprocess(const char *cmd, pid_t *pid, char * const argv[], c
                 // do nothing
                 D("sdb: executes root commands!!:%s\n", argv[2]);
             } else {
-                set_sdk_user_privileges();
+                if (getuid() != g_sdk_user_id && set_sdk_user_privileges() < 0) {
+                    fprintf(stderr, "failed to set SDK user privileges\n");
+                    exit(-1);
+                }
             }
         }
         redirect_and_exec(pts, cmd, argv, envp);