* Replaced luafilesystem with luaposix library

* Introduced privilege dropping capability * Automatically drop privileges for "public" to "nobody/nogroup" (as defined in ffluci.uci)
author: Steven Barth <steven@midlink.org> 2008-03-29 18:22:21 +0000
committer: Steven Barth <steven@midlink.org> 2008-03-29 18:22:21 +0000
commit: 1c6c6d62ca665f9d1126b6bad849f7fd584b6a80 (patch)
tree: d0f6d975a17d100a52d158a72904d3cbbf964ab4 /src/ffluci/dispatcher.lua
parent: cdb0b2f0bfaa0e0bb40b1b90581e1376f55fb0df (diff)
1 files changed, 13 insertions, 0 deletions
diff --git a/src/ffluci/dispatcher.lua b/src/ffluci/dispatcher.lua
index 139b0e3083..b60a9beefa 100644
--- a/src/ffluci/dispatcher.lua
+++ b/src/ffluci/dispatcher.lua
@@ -84,8 +84,20 @@ limitations under the License.
 module("ffluci.dispatcher", package.seeall)
 require("ffluci.http")
 require("ffluci.template")
+require("ffluci.config")
+require("ffluci.sys")
 
 
+-- Sets privilege for given category
+function assign_privileges(category)
+	local cp = ffluci.config.category_privileges
+	if cp and cp[category] then
+		local u, g = cp[category]:match("([^:]+):([^:]+)")
+		ffluci.sys.process.setuser(u)
+		ffluci.sys.process.setgroup(g)
+	end
+end
+
 -- Dispatches the "request"
 function dispatch(req)
 	request = req
@@ -137,6 +149,7 @@ function httpdispatch()
 	local mod = sanitize(parts(), "index")
 	local act = sanitize(parts(), "index")
 	
+	assign_privileges(cat)
 	dispatch({category=cat, module=mod, action=act})
 end
author	Steven Barth <steven@midlink.org>	2008-03-29 18:22:21 +0000
committer	Steven Barth <steven@midlink.org>	2008-03-29 18:22:21 +0000
commit	1c6c6d62ca665f9d1126b6bad849f7fd584b6a80 (patch)
tree	d0f6d975a17d100a52d158a72904d3cbbf964ab4 /src/ffluci/dispatcher.lua
parent	cdb0b2f0bfaa0e0bb40b1b90581e1376f55fb0df (diff)