mirror of
https://github.com/adnanh/webhook.git
synced 2025-05-14 09:34:43 +00:00
f108a2b38e
This commit allows webhook to setuid/setgid when running on Linux. Tested with: go get -d CGO_ENABLED=0 go build -ldflags="-s -w" Correctly compiled, ran, setuid/setgid properly, and answered hook requests.
21 lines
242 B
Go
21 lines
242 B
Go
// +build linux !windows
|
|
|
|
package main
|
|
|
|
import (
|
|
"syscall"
|
|
)
|
|
|
|
func dropPrivileges(uid, gid int) error {
|
|
err := syscall.Setgid(gid)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
err = syscall.Setuid(uid)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
return nil
|
|
}
|