diff options
| -rw-r--r-- | tlsserver.go | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/tlsserver.go b/tlsserver.go index 3022f0e..9d3806d 100644 --- a/tlsserver.go +++ b/tlsserver.go @@ -8,12 +8,15 @@ import ( "fmt" "os" "os/exec" + "syscall" ) var ( cfile = flag.String("cert", "cert.pem", "Certificate file in PEM format") kfile = flag.String("key", "key.pem", "Key file in PEM format") port = flag.Int("port", 1234, "Port to bind to") + uid = flag.Int("uid", -1, "UID to run under") + gid = flag.Int("gid", -1, "GID to run under") args []string nargs int ) @@ -50,6 +53,25 @@ func main() { } defer sock.Close() + // set uid/gid + if *gid >= 0 { + err := syscall.Setgid(*gid) + if err != nil { + fmt.Println("Couldn't setgid to", *gid, ":", err) + os.Exit(4) + } + } + + if *uid >= 0 { + err := syscall.Setuid(*uid) + if err != nil { + fmt.Println("Couldn't setuid to", *uid, ":", err) + os.Exit(4) + } + } + + + // accept-loop for { conn, err := sock.Accept() |