From f59fac67be2ca857268aa65aaf5984b91a4f82e5 Mon Sep 17 00:00:00 2001 From: =?utf8?q?J=C3=A9r=C3=A9mie=20Galarneau?= Date: Fri, 3 Jun 2016 14:05:21 -0400 Subject: [PATCH] Fix: lttng-relayd allow binding of privileged ports for non-root users MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Non-root users could use authbind to bind to low-numbered ports. Moreover, the check was inverted; !getuid() will only be true for the root user. Signed-off-by: Jérémie Galarneau --- src/bin/lttng-relayd/main.c | 9 --------- 1 file changed, 9 deletions(-) diff --git a/src/bin/lttng-relayd/main.c b/src/bin/lttng-relayd/main.c index 1ac975660..1ea2d2c08 100644 --- a/src/bin/lttng-relayd/main.c +++ b/src/bin/lttng-relayd/main.c @@ -2715,15 +2715,6 @@ int main(int argc, char **argv) goto exit_init_data; } - /* Check if daemon is UID = 0 */ - if (!getuid()) { - if (control_uri->port < 1024 || data_uri->port < 1024 || live_uri->port < 1024) { - ERR("Need to be root to use ports < 1024"); - retval = -1; - goto exit_init_data; - } - } - /* Setup the thread apps communication pipe. */ if (create_relay_conn_pipe()) { retval = -1; -- 2.34.1