Fix: setuid/setgid daemons should not get sensitive env. var./args

[lttng-tools.git] / src / bin / lttng / lttng.c

diff --git a/src/bin/lttng/lttng.c b/src/bin/lttng/lttng.c
index 154f6df6b5e31e16d54e275e183290dd61775b33..8e5bb0fd468cd52b670f8dfef3b62250b7ec5aed 100644 (file)
--- a/src/bin/lttng/lttng.c
+++ b/src/bin/lttng/lttng.c
@@ -30,6 +30,7 @@
 
 #include <lttng/lttng.h>
 #include <common/error.h>
+#include <common/compat/getenv.h>
 
 #include "command.h"
 
@@ -445,6 +446,11 @@ static int parse_args(int argc, char **argv)
        int opt, ret;
        char *user;
 
+       if (lttng_is_setuid_setgid()) {
+               ERR("'%s' is not allowed to be executed as a setuid/setgid binary for security reasons. Aborting.", argv[0]);
+               clean_exit(EXIT_FAILURE);
+       }
+
        if (argc < 2) {
                usage(stderr);
                clean_exit(EXIT_FAILURE);