Index: Makefile.in
===================================================================
RCS file: /cvs/privman/privman/clients/thttpd/Makefile.in,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- Makefile.in 2002/04/23 22:11:24 1.1.1.1
+++ Makefile.in 2002/05/02 06:10:20 1.2
@@ -39,7 +39,7 @@
# CONFIGURE: The group that the web directory belongs to. This is so that
# the makeweb program can be installed set-group-id to that group, and make
# subdirectories. If you're not going to use makeweb, ignore this.
-WEBGROUP = www
+WEBGROUP = apache
# CONFIGURE: Directory for CGI executables.
CGIBINDIR = $(WEBDIR)/cgi-bin
Index: configure.in
===================================================================
RCS file: /cvs/privman/privman/clients/thttpd/configure.in,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- configure.in 2002/04/23 22:11:25 1.1.1.1
+++ configure.in 2002/04/24 20:28:17 1.2
@@ -64,7 +64,8 @@
AC_MSG_RESULT(no)
fi
-AC_CHECK_HEADERS(fcntl.h grp.h memory.h paths.h poll.h sys/poll.h)
+AC_CHECK_HEADERS(fcntl.h grp.h memory.h paths.h poll.h sys/poll.h privman.h \
+ time.h)
AC_HEADER_TIME
AC_HEADER_DIRENT
@@ -104,6 +105,8 @@
V_NETLIBS="-lsocket -lnsl $V_NETLIBS", , -lnsl)))
AC_CHECK_LIB(inet6, main)
+
+AC_CHECK_LIB(privman, priv_init)
AC_CHECK_FUNC(crypt, , AC_CHECK_LIB(crypt, crypt))
AC_CHECK_FUNC(hstrerror, ,
Index: libhttpd.c
===================================================================
RCS file: /cvs/privman/privman/clients/thttpd/libhttpd.c,v
retrieving revision 1.1.1.1
retrieving revision 1.5
diff -u -r1.1.1.1 -r1.5
--- libhttpd.c 2002/04/23 22:11:26 1.1.1.1
+++ libhttpd.c 2002/05/02 19:37:19 1.5
@@ -34,6 +34,9 @@
#include
#include
#include
+#ifdef HAVE_TIME_H
+#include
+#endif
#include
#include
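Review bot: The new default `WEBGROUP = apache` in Makefile.in (`@@ -39,7 +39,7 @@`) looks like a site-local build setting rather than part of the privman port. Per the comment directly above it, makeweb is installed set-group-id to this group, so the default decides which group a setgid binary runs with on every build that does not override it. I would keep `WEBGROUP = www` in the committed file and set the group at build time, or at least add `# NOTE: makeweb is installed setgid to this group; confirm the group exists and owns only the web tree`.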
@@ -67,6 +70,13 @@
# endif
#endif
+#ifdef HAVE_PRIVMAN_H
+#include
+#else
+#define priv_fopen(a,b) fopen((a),(b))
+#define priv_bind(a,b,c) bind((a),(b),(c))
+#endif
+
extern char* crypt( const char* key, const char* setting );
#include "libhttpd.h"
@@ -401,7 +411,7 @@
sizeof(on) ) < 0 )
syslog( LOG_CRIT, "setsockopt SO_REUSEADDR - %m" );
/* Bind to it. */
- if ( bind( listen_fd, &saP->sa, sockaddr_len( saP ) ) < 0 )
+ if ( priv_bind( listen_fd, &saP->sa, sockaddr_len( saP ) ) < 0 )
{
syslog( LOG_CRIT, "bind %.80s - %m", httpd_ntoa( saP ) );
@@ -920,7 +930,7 @@
}
/* Open the password file. */
- fp = fopen( authpath, "r" );
+ fp = priv_fopen( authpath, "r" );
if ( fp == (FILE*) 0 )
{
/* The file exists but we can't open it? Disallow access. */
@@ -3099,7 +3109,7 @@
if ( hc->method == METHOD_GET || hc->method == METHOD_POST )
{
clear_ndelay( hc );
- r = fork( );
+ r = fork( ); /* CGI programs should NOT be able to talk to privman */
if ( r < 0 )
{
syslog( LOG_ERR, "fork - %m" );
Index: mmc.c
===================================================================
RCS file: /cvs/privman/privman/clients/thttpd/mmc.c,v
retrieving revision 1.1.1.1
retrieving revision 1.3
diff -u -r1.1.1.1 -r1.3
--- mmc.c 2002/04/23 22:11:26 1.1.1.1
+++ mmc.c 2002/04/25 05:04:43 1.3
@@ -37,6 +37,12 @@
#include
#endif /* HAVE_MMAP */
+#ifdef HAVE_PRIVMAN_H
+#include
+#else
+#define priv_open(a,b) open((a),(b))
+#endif
+
#include "mmc.h"
@@ -119,7 +125,10 @@
}
/* Nope. Open the file. */
- fd = open( filename, O_RDONLY );
+ /* Use priv_open under the assumption that it will be used to open
+ * the web files.
+ */
+ fd = priv_open( filename, O_RDONLY );
if ( fd < 0 )
{
syslog( LOG_ERR, "open - %m" );
Index: thttpd.c
===================================================================
RCS file: /cvs/privman/privman/clients/thttpd/thttpd.c,v
retrieving revision 1.1.1.1
retrieving revision 1.4
diff -u -r1.1.1.1 -r1.4
--- thttpd.c 2002/04/23 22:11:27 1.1.1.1
+++ thttpd.c 2002/05/01 20:35:55 1.4
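Review bot: The fallback macros in libhttpd.c (`@@ -67,6 +70,13 @@`) are keyed on `HAVE_PRIVMAN_H`, while `priv_init()`, `priv_daemon()` and the removal of the root-drop block in thttpd.c are keyed on `HAVE_LIBPRIVMAN`, and configure.in sets the two macros from independent checks. A build that finds only one of header and library ends up with a mixed configuration, for example the manual chroot/setuid path compiled out while `priv_fopen`, `priv_bind` and `priv_open` expand to the plain libc calls. The same guard is repeated in mmc.c (`@@ -37,6 +37,12 @@`) and thttpd.c (`@@ -53,6 +53,12 @@`). I would use one condition everywhere, e.g. `#if defined(HAVE_PRIVMAN_H) && defined(HAVE_LIBPRIVMAN)`, for both the include/fallback blocks and the `priv_init`/`priv_daemon` call sites.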
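Review bot: The comment added on `r = fork( );` in libhttpd.c (`@@ -3099,7 +3109,7 @@`) states a security requirement that nothing in the hunk enforces. A child created with plain `fork()` normally inherits every open descriptor, so if the privman client channel is a descriptor in this process the CGI program would keep it unless it is closed or marked close-on-exec before the exec; the diff does not show where that happens. The comment should name the mechanism, e.g. `/* plain fork(): the CGI child must not keep the privman channel; it is closed in <place to confirm> */`, and the close should be added if it does not exist. The enclosing function starts and ends outside the hunk.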
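Review bot: `fd = priv_open( filename, O_RDONLY );` in mmc.c (`@@ -119,7 +125,10 @@`) sends every path handed to the cache through the privileged helper, and the added comment only assumes those paths are web files. Because thttpd.c compiles out its "If we're root, try to become someone else" block under `HAVE_LIBPRIVMAN`, the privman policy presumably becomes the only limit on which files a request-derived path can read; the same holds for `priv_fopen( authpath, "r" )` in libhttpd.c (`@@ -920,7 +930,7 @@`). I would turn the assumption into a stated requirement: `/* Opened via privman: the privman policy must restrict read access to the web tree. */`. The enclosing function starts outside the hunk.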
@@ -53,6 +53,12 @@
#endif
#include
+#ifdef HAVE_PRIVMAN_H
+#include
+#else
+#define priv_fopen(a,b) fopen((a),(b))
+#endif
+
#include "fdwatch.h"
#include "libhttpd.h"
#include "mmc.h"
@@ -175,7 +181,7 @@
/* Re-open the log file. */
if ( logfile != (char*) 0 )
{
- logfp = fopen( logfile, "a" );
+ logfp = priv_fopen( logfile, "a" );
if ( logfp == (FILE*) 0 )
{
syslog( LOG_CRIT, "reopening %.80s - %m", logfile );
@@ -220,6 +226,10 @@
argv0 = argv[0];
+#ifdef HAVE_LIBPRIVMAN
+ priv_init("thttp");
+#endif
+
cp = strrchr( argv0, '/' );
if ( cp != (char*) 0 ) ++cp;
@@ -259,7 +269,7 @@
/* Log file. */
if ( logfile != (char*) 0 )
{
- logfp = fopen( logfile, "a" );
+ logfp = priv_fopen( logfile, "a" );
if ( logfp == (FILE*) 0 )
{
syslog( LOG_CRIT, "%.80s - %m", logfile );
@@ -323,14 +333,20 @@
(void) fclose( stderr );
/* Daemonize - make ourselves a subprocess. */
-#ifdef HAVE_DAEMON
+#if defined(HAVE_LIBPRIVMAN)
+ if ( priv_daemon(1, 1) < 0 )
+ {
+ syslog( LOG_CRIT, "daemon - %m" );
+ exit( 1 );
+ }
+#elif defined(HAVE_DAEMON)
if ( daemon( 1, 1 ) < 0 )
{
syslog( LOG_CRIT, "daemon - %m" );
exit( 1 );
}
#else /* HAVE_DAEMON */
- switch ( fork() )
+ switch ( fork() ) /* not priv, cause no need to split privman. */
{
case 0:
break;
@@ -358,7 +374,7 @@
if ( pidfile != (char*) 0 )
{
/* Write the PID file. */
- FILE* pidfp = fopen( pidfile, "w" );
+ FILE* pidfp = priv_fopen( pidfile, "w" );
if ( pidfp == (FILE*) 0 )
{
syslog( LOG_CRIT, "%.80s - %m", pidfile );
@@ -422,6 +438,7 @@
stats_simultaneous = 0;
#endif /* STATS_TIME */
+#ifndef HAVE_LIBPRIVMAN
/* If we're root, try to become someone else. */
if ( getuid() == 0 )
{
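Review bot: The comment added on `switch ( fork() )` in thttpd.c (`@@ -323,14 +333,20 @@`) sits in the final `#else` branch, which is compiled only when neither `HAVE_LIBPRIVMAN` nor `HAVE_DAEMON` is defined, so no privman process exists in that build and the comment describes a case that cannot occur there. I would reword it to `/* plain fork(): this branch is built only without privman */`. The new `priv_daemon` branch also logs the same `"daemon - %m"` text as the `daemon()` branch; `"priv_daemon - %m"` would make the failing call identifiable from the log.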
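Review bot: `#ifndef HAVE_LIBPRIVMAN` in thttpd.c (`@@ -422,6 +438,7 @@`, closed by the `#endif` in `@@ -456,6 +473,7 @@`) compiles out the whole "If we're root, try to become someone else" block, and nothing visible replaces it. In a privman build the server's privilege reduction therefore appears to rest entirely on the earlier `priv_init("thttp");` call in `@@ -220,6 +226,10 @@`, whose result is not checked there; whether it can fail and still return is not shown in this diff. I would document the dependency at the guard, e.g. `/* With privman the process is expected to be unprivileged already (priv_init); the manual chroot/setuid path is skipped. */`, and exit with a `LOG_CRIT` message if `priv_init` can report failure. The body of the guarded block lies outside both hunks.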
@@ -456,6 +473,7 @@
LOG_CRIT, "started as root without requesting chroot(), warning only" );
}
+#endif /* HAVE_LIBPRIVMAN */
/* Initialize our connections table. */
maxconnects = fdwatch_get_nfiles();
Index: extras/htpasswd.c
===================================================================
RCS file: /cvs/privman/privman/clients/thttpd/extras/htpasswd.c,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- extras/htpasswd.c 2002/04/23 22:11:27 1.1.1.1
+++ extras/htpasswd.c 2002/04/24 20:28:17 1.2
@@ -23,7 +23,8 @@
#define MAX_STRING_LEN 256
-char *tn;
+#define TN_STR "htpasswdXXXXXX"
+char tn[] = TN_STR;
void interrupted(int);
@@ -124,7 +125,7 @@
if ( strcmp( pw, (char*) getpass( "Re-type new password:" ) ) != 0 )
{
(void) fprintf( stderr, "They don't match, sorry.\n" );
- if ( tn )
+ if ( !strcmp(tn, TN_STR) )
unlink( tn );
exit( 1 );
}
@@ -143,7 +144,7 @@
void interrupted(int signo) {
fprintf(stderr,"Interrupted.\n");
- if(tn) unlink(tn);
+ if(!strcmp(tn, TN_STR)) unlink(tn);
exit(1);
}
@@ -154,9 +155,11 @@
char l[MAX_STRING_LEN];
char w[MAX_STRING_LEN];
char command[MAX_STRING_LEN];
- int found;
+ char template[] = "htpasswdXXXXXX";
+ int found, fd;
- tn = NULL;
+ strncpy(tn, TN_STR, sizeof(TN_STR));
+
signal(SIGINT,(void (*)(int))interrupted);
if(argc == 4) {
if(strcmp(argv[1],"-c"))
@@ -173,8 +176,8 @@
exit(0);
} else if(argc != 3) usage();
- tn = tmpnam(NULL);
- if(!(tfp = fopen(tn,"w"))) {
+ fd = mkstemp(tn);
+ if(fd < 0 || (tfp = fopen(tn,"w")) == NULL ) {
fprintf(stderr,"Could not open temp file.\n");
exit(1);
}
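Review bot: The cleanup test `if ( !strcmp(tn, TN_STR) )` in extras/htpasswd.c (`@@ -124,7 +125,7 @@`) is inverted. `strcmp` returns 0 while `tn` still holds the untouched template, so `unlink( tn )` runs only when no temporary file has been created, removing any file literally named `htpasswdXXXXXX`, and is skipped once `mkstemp` has filled in the real name, which leaves the temporary copy of the password file behind. The line should read `if ( strcmp(tn, TN_STR) != 0 )`. The same inverted test is in `interrupted()` in `@@ -143,7 +144,7 @@`.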
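Review bot: `char template[] = "htpasswdXXXXXX";` in extras/htpasswd.c (`@@ -154,9 +155,11 @@`) is never used in the visible hunks and duplicates `TN_STR`, so the template now lives in two places that can drift apart. The `strncpy(tn, TN_STR, sizeof(TN_STR));` beside it only rewrites the value `tn` was already initialised with at file scope. I would delete the `template` line and either drop the `strncpy` or keep it with a comment such as `/* reset tn to the unfilled template so cleanup can tell whether mkstemp ran */`. The enclosing function starts outside the hunk.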
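Review bot: In extras/htpasswd.c (`@@ -173,8 +176,8 @@`) the descriptor returned by `mkstemp(tn)` is never used: the file is opened a second time by name with `fopen(tn,"w")`, which leaks `fd` and gives up the guarantee that the stream refers to the file `mkstemp` created. The condition should wrap the descriptor instead, `if(fd < 0 || (tfp = fdopen(fd,"w")) == NULL ) {`, closing `fd` and unlinking `tn` when `fdopen` fails. Note also that `TN_STR` has no directory component, so the temporary copy of the password file is now created in the current working directory rather than wherever `tmpnam` placed it; that is worth a comment or an explicit directory.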