factorize the code dropping privileges in one single place
Baptiste Daroussin committed 9 years ago
commit 5a3f220e3e186212c2f19d2254c57d6d843f1f9f
parent 411cdf4
3 files changed +24 -29
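--- a/src/event.c
+++ b/src/event.c
@@ -48,7 +48,6 @@
 #include <unistd.h>
 #include <errno.h>
 #include <signal.h>
-#include <pwd.h>
 #ifdef HAVE_LIBUTIL_H
 #include <libutil.h>
 #endif
@@ -227,7 +226,6 @@ event_sandboxed_call(pkg_sandbox_cb func, int fd, void *ud)
 {
 	pid_t pid;
 	int status, ret;
-	struct passwd *nobody;
 	struct rlimit rl_zero;
 
 	ret = -1;
@@ -262,19 +260,7 @@ event_sandboxed_call(pkg_sandbox_cb func, int fd, void *ud)
 		return (ret);
 	}
 
-	if (geteuid() == 0) {
-		nobody = getpwnam("nobody");
-		if (nobody == NULL)
-			err(EXIT_FAILURE, "Enable to drop priviledges");
-		if (chroot("/var/empty") == -1)
-			err(EXIT_FAILURE, "Enable to chroot in /var/empty");
-		chdir("/");
-		setgroups(1, &nobody->pw_gid);
-		setegid(nobody->pw_gid);
-		setgid(nobody->pw_gid);
-		seteuid(nobody->pw_uid);
-		setuid(nobody->pw_uid);
-	}
+	drop_privileges();
 
 	rl_zero.rlim_cur = rl_zero.rlim_max = 0;
 	if (setrlimit(RLIMIT_FSIZE, &rl_zero) == -1)
@@ -300,7 +286,6 @@ event_sandboxed_get_string(pkg_sandbox_cb func, char **result, int64_t *len,
 		void *ud)
 {
 	pid_t pid;
-	struct passwd *nobody;
 	struct rlimit rl_zero;
 	int	status, ret = EPKG_OK;
 	int pair[2], r, allocated_len = 0, off = 0;
@@ -385,19 +370,7 @@ event_sandboxed_get_string(pkg_sandbox_cb func, char **result, int64_t *len,
 	/* Here comes child process */
 	close(pair[1]);
 
-	if (geteuid() == 0) {
-		nobody = getpwnam("nobody");
-		if (nobody == NULL)
-			err(EXIT_FAILURE, "Enable to drop priviledges");
-		if (chroot("/var/empty") == -1)
-			err(EXIT_FAILURE, "Enable to chroot in /var/empty");
-		chdir("/");
-		setgroups(1, &nobody->pw_gid);
-		setegid(nobody->pw_gid);
-		setgid(nobody->pw_gid);
-		seteuid(nobody->pw_uid);
-		setuid(nobody->pw_uid);
-	}
+	drop_privileges();
 
 	rl_zero.rlim_cur = rl_zero.rlim_max = 0;
 	if (setrlimit(RLIMIT_NPROC, &rl_zero) == -1)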
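Review bot: Neither `drop_privileges();` call site says that the helper does nothing when `geteuid() != 0`, so for a non-root user the sandboxed callback gets no chroot and no uid/gid change and is limited only by the `setrlimit` calls that follow. A short comment at each call would keep that visible now that the condition lives in another file, for example `/* no-op unless root: non-root callers are confined only by the rlimits below */`. Both `event_sandboxed_call` and `event_sandboxed_get_string` start and end outside the hunks shown.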
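--- a/src/pkgcli.h
+++ b/src/pkgcli.h
@@ -277,6 +277,7 @@ void progressbar_tick(int64_t current, int64_t total);
 void progressbar_stop(void);
 
 void sbuf_flush(struct sbuf *buf);
+void drop_privileges(void);
 
 extern struct sbuf *messages;
 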
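--- a/src/utils.c
+++ b/src/utils.c
@@ -48,6 +48,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <errno.h>
+#include <pwd.h>
 #include <pkg.h>
 
 #include <bsd_compat.h>
@@ -1001,3 +1002,23 @@ sbuf_flush(struct sbuf *buf)
 	printf("%s", sbuf_data(buf));
 	sbuf_clear(buf);
 }
+
+void
+drop_privileges(void)
+{
+	struct passwd *nobody;
+
+	if (geteuid() == 0) {
+		nobody = getpwnam("nobody");
+		if (nobody == NULL)
+			err(EXIT_FAILURE, "Enable to drop priviledges");
+		if (chroot("/var/empty") == -1)
+			err(EXIT_FAILURE, "Enable to chroot in /var/empty");
+		chdir("/");
+		setgroups(1, &nobody->pw_gid);
+		setegid(nobody->pw_gid);
+		setgid(nobody->pw_gid);
+		seteuid(nobody->pw_uid);
+		setuid(nobody->pw_uid);
+	}
+}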
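Review bot: The return values of `chdir`, `setgroups`, `setegid`, `setgid`, `seteuid` and `setuid` in the new `drop_privileges()` are ignored, so if any of them fails the sandboxed child keeps running with root credentials and nothing is reported. Each call should be checked and abort through `err()` the way the `chroot` call already does, which matters more now that this is the single place every sandbox relies on. The `seteuid()` placed before `setuid()` also deserves a look: on platforms where an unprivileged `setuid()` changes only the effective uid (Linux behaves this way), the real and saved uids would stay 0 and could be restored later, whereas calling `setgid()` and then `setuid()` directly while still root sets all three ids and makes the `sete*id()` calls unnecessary. The two messages could be corrected to "Unable to ..." and "privileges" while they are being moved.

```c
	if (geteuid() == 0) {
		/* … unchanged: getpwnam("nobody") lookup and chroot("/var/empty") … */
		if (chdir("/") == -1)
			err(EXIT_FAILURE, "Unable to chdir to /");
		if (setgroups(1, &nobody->pw_gid) == -1)
			err(EXIT_FAILURE, "Unable to setgroups");
		/* as root, setgid()/setuid() set the real, effective and saved ids */
		if (setgid(nobody->pw_gid) == -1)
			err(EXIT_FAILURE, "Unable to setgid");
		if (setuid(nobody->pw_uid) == -1)
			err(EXIT_FAILURE, "Unable to setuid");
	}
```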