From 8e9716d5d4777c7bca2194bae275290eeeafd75e Mon Sep 17 00:00:00 2001
From: Miroslav Lichvar <mlichvar@redhat.com>
Date: Mon, 5 Oct 2020 18:14:23 +0200
Subject: [PATCH] sys: don't start privops helper for NTS-KE helper

The NTS-KE helper doesn't need to bind sockets or adjust the clock.
Don't start the privops helper, or keep the capabilities, when dropping
root privileges in its context.
---
 sys_linux.c   | 4 ++++
 sys_macosx.c  | 3 ++-
 sys_netbsd.c  | 3 ++-
 sys_solaris.c | 3 ++-
 4 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/sys_linux.c b/sys_linux.c
index 2f7fa9f..0b24445 100644
--- a/sys_linux.c
+++ b/sys_linux.c
@@ -450,6 +450,10 @@ SYS_Linux_DropRoot(uid_t uid, gid_t gid, SYS_ProcessContext context, int clock_c
                clock_control ? "cap_sys_time=ep" : "") >= sizeof (cap_text))
     assert(0);
 
+  /* Helpers don't need any capabilities */
+  if (context != SYS_MAIN_PROCESS)
+    cap_text[0] = '\0';
+
   if ((cap = cap_from_text(cap_text)) == NULL) {
     LOG_FATAL("cap_from_text() failed");
   }
diff --git a/sys_macosx.c b/sys_macosx.c
index eb7297d..e3a38ed 100644
--- a/sys_macosx.c
+++ b/sys_macosx.c
@@ -417,7 +417,8 @@ SYS_MacOSX_SetScheduler(int SchedPriority)
 #ifdef FEAT_PRIVDROP
 void SYS_MacOSX_DropRoot(uid_t uid, gid_t gid, SYS_ProcessContext context)
 {
-  PRV_StartHelper();
+  if (context == SYS_MAIN_PROCESS)
+    PRV_StartHelper();
 
   UTI_DropRoot(uid, gid);
 }
diff --git a/sys_netbsd.c b/sys_netbsd.c
index 350f569..36ffa18 100644
--- a/sys_netbsd.c
+++ b/sys_netbsd.c
@@ -139,7 +139,8 @@ SYS_NetBSD_DropRoot(uid_t uid, gid_t gid, SYS_ProcessContext context)
 
   /* On NetBSD the helper is used only for socket binding, but on FreeBSD
      it's used also for setting and adjusting the system clock */
-  PRV_StartHelper();
+  if (context == SYS_MAIN_PROCESS)
+    PRV_StartHelper();
 
   UTI_DropRoot(uid, gid);
 
diff --git a/sys_solaris.c b/sys_solaris.c
index 9585100..ba86c11 100644
--- a/sys_solaris.c
+++ b/sys_solaris.c
@@ -57,7 +57,8 @@ SYS_Solaris_Finalise(void)
 void
 SYS_Solaris_DropRoot(uid_t uid, gid_t gid, SYS_ProcessContext context)
 {
-  PRV_StartHelper();
+  if (context == SYS_MAIN_PROCESS)
+    PRV_StartHelper();
   UTI_DropRoot(uid, gid);
 }
 #endif