Differences From:

File src/main.c part of check-in [df97fae2bd] - Patches to get Fossil working on OS/2. Ticket 89bec0d9aa9f30 by drh on 2009-08-29 17:01:33. [view]

To:

File src/main.c part of check-in [7ba10f1a6a] - When the "http" command is run as root, automatically set up a chroot jail and drop root privileges prior to reading any input. by drh on 2009-08-31 00:48:44. [view]

@@ -28,8 +28,11 @@
 #include "main.h"
 #include <string.h>
 #include <time.h>
 #include <fcntl.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+
 
 #if INTERFACE
 
 /*
@@ -681,8 +684,27 @@
   const char *zIpAddr;
   if( g.argc!=2 && g.argc!=3 && g.argc!=6 ){
     cgi_panic("no repository specified");
   }
+#if !defined(__MINGW32__)
+  if( g.argc==3 && getuid()==0 ){
+    int i;
+    char *zRepo = g.argv[2];
+    struct stat sStat;
+    for(i=strlen(zRepo)-1; i>0 && zRepo[i]!='/'; i--){}
+    if( zRepo[i]=='/' ){
+      zRepo[i] = 0;
+      chdir(g.argv[2]);
+      chroot(g.argv[2]);
+      g.argv[2] = &zRepo[i+1];
+    }
+    if( stat(g.argv[2], &sStat)!=0 ){
+      fossil_fatal("cannot stat() repository: %s", g.argv[2]);
+    }
+    setgid(sStat.st_gid);
+    setuid(sStat.st_uid);
+  }
+#endif
   g.cgiPanic = 1;
   g.fullHttpReply = 1;
   if( g.argc==6 ){
     g.httpIn = fopen(g.argv[3], "rb");