diff options
author | Nick Kralevich <nnk@google.com> | 2013-03-21 14:02:26 -0700 |
---|---|---|
committer | Nick Kralevich <nnk@google.com> | 2013-03-21 14:07:12 -0700 |
commit | 144125fdc8f56346f1cecd49d6d3a4967220d818 (patch) | |
tree | 8c138c9405a399006f4ad75ad6edf55fa5bc326d | |
parent | c0bd4faa2feb4fae377fbb1be27ab26850f17eed (diff) | |
download | ping-144125fdc8f56346f1cecd49d6d3a4967220d818.tar.gz |
ping: remove group check
Ping no longer requires special privileges to run, nor is
it setgid. It no longer makes sense to do security checks in the
binary. Remove the checks.
These checks will need to be readded if ping is ever made setgid again.
Change-Id: I2bf78a97e4959148b71124f168366fc7ca05b499
-rw-r--r-- | ping.c | 49 |
1 files changed, 0 insertions, 49 deletions
@@ -64,8 +64,6 @@ char copyright[] = #include <netinet/ip_icmp.h> #ifdef ANDROID -#include <sys/types.h> -#include <private/android_filesystem_config.h> #define bcmp(a, b, c) memcmp(a, b, c) #endif @@ -110,47 +108,6 @@ struct sockaddr_in source; char *device; int pmtudisc = -1; -#ifdef ANDROID -int isInSupplementaryGroup(gid_t group) { - long ngroups_max; - gid_t empty[0]; - gid_t *groups; - int ngroups; - int i; - - if (getuid() == 0) { - // root is presumed to be in every group - return 1; - } - - ngroups = getgroups(0, empty); - if (ngroups < 0) { - perror("ping: call to getgroups for sizing failed"); - exit(2); - } - groups = (gid_t *) malloc((ngroups * sizeof(gid_t))); - if (groups == NULL) { - fprintf(stderr, "ping: unable to allocate memory for %d groups. Aborting\n", ngroups); - exit(2); - } - ngroups = getgroups(ngroups, groups); - if (ngroups < 0) { - perror("ping: getgroups failed"); - exit(2); - } - - for (i = 0; i < ngroups; i++) { - if (group == groups[i]) { - free(groups); - return 1; - } - } - - free(groups); - return 0; -} -#endif - int main(int argc, char **argv) { @@ -168,12 +125,6 @@ main(int argc, char **argv) icmp_sock = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP); socket_errno = errno; -#ifdef ANDROID - if (!isInSupplementaryGroup(AID_INET)) { - fprintf(stderr, "You must have internet permissions to use ping. Aborting.\n"); - exit(2); - } -#endif uid = getuid(); setuid(uid); |