summaryrefslogtreecommitdiff
path: root/slock.c
diff options
context:
space:
mode:
Diffstat (limited to 'slock.c')
-rw-r--r--slock.c36
1 files changed, 28 insertions, 8 deletions
diff --git a/slock.c b/slock.c
index 154a091..467937c 100644
--- a/slock.c
+++ b/slock.c
@@ -44,6 +44,21 @@ die(const char *errstr, ...) {
exit(EXIT_FAILURE);
}
+#ifdef __linux__
+#include <fcntl.h>
+
+static void
+dontkillme(void) {
+ int fd;
+
+ fd = open("/proc/self/oom_score_adj", O_WRONLY);
+ if (fd < 0 && errno == ENOENT)
+ return;
+ if (fd < 0 || write(fd, "-1000\n", 6) != 6 || close(fd) != 0)
+ die("cannot disable the out-of-memory killer for this process\n");
+}
+#endif
+
#ifndef HAVE_BSD_AUTH
static const char *
getpw(void) { /* only run as root */
@@ -52,7 +67,7 @@ getpw(void) { /* only run as root */
pw = getpwuid(getuid());
if(!pw)
- die("slock: cannot retrieve password entry (make sure to suid or sgid slock)");
+ die("slock: cannot retrieve password entry (make sure to suid or sgid slock)\n");
endpwent();
rval = pw->pw_passwd;
@@ -68,8 +83,9 @@ getpw(void) { /* only run as root */
#endif
/* drop privileges */
- if(setgid(pw->pw_gid) < 0 || setuid(pw->pw_uid) < 0)
- die("slock: cannot drop privileges");
+ if (geteuid() == 0
+ && ((getegid() != pw->pw_gid && setgid(pw->pw_gid) < 0) || setuid(pw->pw_uid) < 0))
+ die("slock: cannot drop privileges\n");
return rval;
}
#endif
@@ -114,9 +130,9 @@ readpw(Display *dpy, const char *pws)
#ifdef HAVE_BSD_AUTH
running = !auth_userokay(getlogin(), NULL, "auth-xlock", passwd);
#else
- running = strcmp(crypt(passwd, pws), pws);
+ running = !!strcmp(crypt(passwd, pws), pws);
#endif
- if(running != False)
+ if(running)
XBell(dpy, 100);
len = 0;
break;
@@ -244,20 +260,24 @@ main(int argc, char **argv) {
else if(argc != 1)
usage();
+#ifdef __linux__
+ dontkillme();
+#endif
+
if(!getpwuid(getuid()))
- die("slock: no passwd entry for you");
+ die("slock: no passwd entry for you\n");
#ifndef HAVE_BSD_AUTH
pws = getpw();
#endif
if(!(dpy = XOpenDisplay(0)))
- die("slock: cannot open display");
+ die("slock: cannot open display\n");
/* Get the number of screens in display "dpy" and blank them all. */
nscreens = ScreenCount(dpy);
locks = malloc(sizeof(Lock *) * nscreens);
if(locks == NULL)
- die("slock: malloc: %s", strerror(errno));
+ die("slock: malloc: %s\n", strerror(errno));
int nlocks = 0;
for(screen = 0; screen < nscreens; screen++) {
if ( (locks[screen] = lockscreen(dpy, screen)) != NULL)