|
Lines 246-251
Link Here
|
| 246 |
* Thu Apr 29 15:24:07 2004: Solar Designer <solar@openwall.com> |
246 |
* Thu Apr 29 15:24:07 2004: Solar Designer <solar@openwall.com> |
| 247 |
* Prevent potential buffer overflow in reading messages from the |
247 |
* Prevent potential buffer overflow in reading messages from the |
| 248 |
* kernel log rinbuffer. |
248 |
* kernel log rinbuffer. |
|
|
249 |
* |
| 250 |
* Thu Oct 12 00:12:02 2006: Miguel Filipe <miguel.filipe@gmail.com> |
| 251 |
* fix drop_root() to work correctly with capabilities |
| 249 |
*/ |
252 |
*/ |
| 250 |
|
253 |
|
| 251 |
|
254 |
|
|
Lines 263-268
Link Here
|
| 263 |
#include <stdlib.h> |
266 |
#include <stdlib.h> |
| 264 |
#include <pwd.h> |
267 |
#include <pwd.h> |
| 265 |
#include <grp.h> |
268 |
#include <grp.h> |
|
|
269 |
#include <sys/prctl.h> |
| 270 |
#include <sys/capability.h> |
| 266 |
#include "klogd.h" |
271 |
#include "klogd.h" |
| 267 |
#include "ksyms.h" |
272 |
#include "ksyms.h" |
| 268 |
#ifndef TESTING |
273 |
#ifndef TESTING |
|
Lines 989-994
Link Here
|
| 989 |
static int drop_root(void) |
994 |
static int drop_root(void) |
| 990 |
{ |
995 |
{ |
| 991 |
struct passwd *pw; |
996 |
struct passwd *pw; |
|
|
997 |
cap_t cap; |
| 998 |
cap_value_t cap_value[2] = { CAP_SYS_ADMIN, CAP_SYS_CHROOT }; |
| 999 |
int result; |
| 992 |
|
1000 |
|
| 993 |
if (!(pw = getpwnam(server_user))) return -1; |
1001 |
if (!(pw = getpwnam(server_user))) return -1; |
| 994 |
|
1002 |
|
|
Lines 999-1008
Link Here
|
| 999 |
if (chdir("/")) return -1; |
1007 |
if (chdir("/")) return -1; |
| 1000 |
} |
1008 |
} |
| 1001 |
|
1009 |
|
|
|
1010 |
/* set keep capabilities */ |
| 1011 |
if( prctl( PR_SET_KEEPCAPS, 1, 0, 0, 0 ) ) |
| 1012 |
return -1; |
| 1013 |
|
| 1014 |
/* test whether cap_set_proc works */ |
| 1015 |
cap = cap_get_proc(); |
| 1016 |
if( cap ) { |
| 1017 |
result = cap_set_proc( cap ); |
| 1018 |
cap_free( cap ); |
| 1019 |
if( result ) |
| 1020 |
return -1; |
| 1021 |
} else |
| 1022 |
return -1; |
| 1023 |
|
| 1024 |
|
| 1002 |
if (setgroups(0, NULL)) return -1; |
1025 |
if (setgroups(0, NULL)) return -1; |
| 1003 |
if (setgid(pw->pw_gid)) return -1; |
1026 |
if (setgid(pw->pw_gid)) return -1; |
| 1004 |
if (setuid(pw->pw_uid)) return -1; |
1027 |
if (setuid(pw->pw_uid)) return -1; |
| 1005 |
|
1028 |
|
|
|
1029 |
/* set necessary capabilities */ |
| 1030 |
cap = cap_init(); |
| 1031 |
if( cap_set_flag( cap, CAP_PERMITTED, 2, cap_value, CAP_SET ) || |
| 1032 |
cap_set_flag( cap, CAP_EFFECTIVE, 2, cap_value, CAP_SET ) ) |
| 1033 |
return -1; |
| 1034 |
|
| 1035 |
if( cap_set_proc( cap ) ) |
| 1036 |
return -1; |
| 1037 |
if( cap_free( cap ) ) |
| 1038 |
return -1; |
| 1039 |
|
| 1006 |
return 0; |
1040 |
return 0; |
| 1007 |
} |
1041 |
} |
| 1008 |
|
1042 |
|
