source: trunk/minix/commands/i386/mtools-3.9.7/privileges.c@ 15

Last change on this file since 15 was 9, checked in by Mattia Monga, 14 years ago

Minix 3.1.2a

1#include "sysincludes.h"
2#include "msdos.h"
3#include "mtools.h"
4
5/*#define PRIV_DEBUG*/
6
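#if 0
/*
 * Disabled experiment: force the setresuid() code paths and provide a
 * raw-syscall wrapper for libcs that lack one.
 * NOTE(review): 164 is presumably the i386 Linux setresuid syscall
 * number -- confirm before ever enabling this block.
 */
#undef HAVE_SETEUID
#define HAVE_SETRESUID
#include <asm/unistd.h>
int setresuid(int a, int b, int c)
{
	/* hand the syscall result back; the function is declared int and
	 * falling off its end leaves the return value undefined */
	return syscall(164, a, b, c);
}
#endif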
17
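/*
 * Debug aid: when PRIV_DEBUG is defined, print the current effective and
 * real group and user ids to stderr, each line prefixed with message.
 * Compiles to an empty function otherwise.
 */
static inline void print_privs(const char *message)
{
#ifdef PRIV_DEBUG
	/* for debugging purposes only */
	/* uid_t/gid_t have no printf conversion of their own and are often
	 * unsigned; cast to long so the format matches the argument type */
	fprintf(stderr, "%s egid=%ld rgid=%ld\n", message,
		(long) getegid(), (long) getgid());
	fprintf(stderr, "%s euid=%ld ruid=%ld\n", message,
		(long) geteuid(), (long) getuid());
#else
	(void) message;
#endif
}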
26
/* When nonzero, reclaim_privs() returns without touching any id.  Not
 * static, so presumably set from other files -- verify against callers. */
int noPrivileges = 0;

/* Ids recorded by init_privs(): r* are the real ids of the invoking
 * user, e* the effective ids the process was started with. */
static uid_t ruid;
static uid_t euid;
static gid_t rgid;
static gid_t egid;
32
33/* privilege management routines for SunOS and Solaris. These are
34 * needed in order to issue raw SCSI read/write ioctls. Mtools drops
35 * its privileges at the beginning, and reclaims them just for the
36 * above-mentioned ioctl's. Before popen(), exec() or system, it
37 * drops its privileges completely, and issues a warning.
38 */
39
40
41/* group id handling is a lot easier, as long as we don't use group 0.
42 * If you want to use group id's, create a *new* group mtools or
43 * floppy. Chgrp any devices that you only want to be accessible to
44 * mtools to this group, and give them the appropriate privs. Make
45 * sure this group doesn't own any other files: be aware that any user
46 * with access to mtools may mformat these files!
47 */
48
49
/*
 * Switch the effective uid to uid, using whichever call the platform
 * offers.
 *
 * If the process started with effective uid 0 and seteuid() or
 * setresuid() is available, only the effective uid is changed: the
 * setresuid() form passes the recorded euid as the saved uid.  In every
 * other case plain setuid() is used.  Return values are not checked
 * here; callers that need certainty must read the ids back.
 */
static inline void Setuid(uid_t uid)
{
#if defined HAVE_SETEUID || defined HAVE_SETRESUID
	if (euid == 0) {
#ifdef HAVE_SETEUID
		seteuid(uid);
#else
		setresuid(ruid, uid, euid);
#endif
		return;
	}
#endif
	setuid(uid);
}
63
64/* In reclaim_privs and drop privs, we have to manipulate group privileges
65 * when having no root privileges, else we might lose them */
66
/*
 * Temporarily take back the effective ids recorded by init_privs().
 * Does nothing once noPrivileges is set.
 *
 * The group id is restored first, while the process is still running
 * without root, and the uid afterwards.
 */
void reclaim_privs(void)
{
	if (!noPrivileges) {
		setgid(egid);
		Setuid(euid);
		print_privs("after reclaim privs, both uids should be 0 ");
	}
}
75
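/*
 * Temporarily drop to the invoking user's ids: effective uid becomes
 * ruid and effective gid becomes rgid.  Expects init_privs() to have
 * recorded the ids.
 *
 * The set*id() calls report failure only through their return value, and
 * a process that carries on after a failed drop keeps working on the
 * user's files with elevated ids.  The result is therefore read back and
 * the process exits if the effective ids are not the real ones.
 */
void drop_privs(void)
{
	/* uid first: setgid() must run without root, otherwise the group
	 * privileges could be lost for good instead of just set aside */
	Setuid(ruid);
	setgid(rgid);

	/* Check the outcome rather than each call: a call may be refused
	 * when the ids are already where they should be. */
	if (geteuid() != ruid || getegid() != rgid) {
		fprintf(stderr, "Could not drop privileges\n");
		exit(1);
	}

	print_privs("after drop_privs, real should be 0, effective should not ");
}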
82
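/*
 * Give up all privileges for good.  Per the file's header comment this
 * runs before popen(), exec() or system().
 *
 * When the process started with effective uid 0, the real, effective and
 * saved uids are all moved to the invoking user's uid; group privileges
 * are then dropped through drop_privs().  Because a failed set*id() call
 * would otherwise go unnoticed and the following exec would run with
 * elevated ids, the resulting ids are read back and the process exits if
 * any of them is not the invoking user's.
 */
void destroy_privs(void)
{
#if defined HAVE_SETEUID || defined HAVE_SETRESUID
	if (euid == 0) {
#ifdef HAVE_SETEUID
		setuid(0);     /* get the necessary privs to drop real root id */
		setuid(ruid);  /* this should be enough to get rid of the three
				* ids */
		seteuid(ruid); /* for good measure... just in case we came
				* across a system which implemented sane
				* semantics instead of POSIXly broken
				* semantics for setuid */
#else
		setresuid(ruid, ruid, ruid);
#endif
	}
#endif

	/* we also destroy group privileges */
	drop_privs();

	/* saved set [ug]id will go away by itself on exec */

	/* Verify the final state instead of each call: once the uids are
	 * collapsed, the setresuid() variant of Setuid() still asks to keep
	 * saved uid 0 and may be refused, which is harmless.  What matters
	 * is that no elevated real or effective id is left. */
	if (getuid() != ruid || geteuid() != ruid || getegid() != rgid) {
		fprintf(stderr, "Could not give up privileges\n");
		exit(1);
	}

	print_privs("destroy_privs, no uid should be zero ");
}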
109
110
/*
 * Return the real uid recorded by init_privs(), i.e. the invoking user.
 * On setuid-root installs built with HAVE_SETEUID, init_privs() sets the
 * process's real uid to 0, so getuid() no longer gives this value.
 */
uid_t get_real_uid(void)
{
	return ruid;
}
115
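/*
 * Record the ids the process was started with and drop to the invoking
 * user's ids.  Meant to run before any other routine in this file, since
 * they all rely on the recorded ruid/euid/rgid/egid.
 *
 * Exits with status 1 when a setuid installation cannot be supported:
 * either the platform lacks F_SETFD (see closeExec()), or it is
 * installed setuid root and neither seteuid() nor setresuid() is
 * available to drop root reversibly.
 */
void init_privs(void)
{
	euid = geteuid();
	ruid = getuid();
	egid = getegid();
	rgid = getgid();

#ifndef F_SETFD
	if (euid != ruid) {
		fprintf(stderr,
			"Setuid installation not supported on this platform\n");
		/* terminate the line; the message used to end without one */
		fprintf(stderr,
			"Missing F_SETFD\n");
		exit(1);
	}
#endif

	if (euid == 0 && ruid != 0) {
#ifdef HAVE_SETEUID
		setuid(0); /* set real uid to 0 */
#else
#ifndef HAVE_SETRESUID
		/* on this machine, it is not possible to reversibly drop
		 * root privileges. We print an error and quit */

		/* BEOS is no longer a special case, as both euid and ruid
		 * return 0, and thus we do not get any longer into this
		 * branch */
		fprintf(stderr,
			"Seteuid call not supported on this architecture.\n");
		fprintf(stderr,
			"Mtools cannot be installed setuid root.\n");
		/* trailing space added: the two halves used to print as
		 * "non rootuser" */
		fprintf(stderr,
			"However, it can be installed setuid to a non root ");
		fprintf(stderr,
			"user or setgid to any id.\n");
		exit(1);
#endif
#endif
	}

	drop_privs();
	print_privs("after init, real should be 0, effective should not ");
}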
160
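#if defined F_SETFD && !defined FD_CLOEXEC
/* fallback for headers that have F_SETFD but no name for the flag */
#define FD_CLOEXEC 1
#endif

/*
 * Mark fd close-on-exec so that it is not inherited by programs started
 * later.  Does nothing on platforms without F_SETFD, and leaves the
 * descriptor untouched if its flags cannot be read (e.g. fd is not open).
 */
void closeExec(int fd)
{
#ifdef F_SETFD
	int flags = fcntl(fd, F_GETFD);

	if (flags < 0) {
		return;
	}
	/* add the flag by name and keep any other descriptor flags,
	 * instead of overwriting them with a bare 1 */
	fcntl(fd, F_SETFD, flags | FD_CLOEXEC);
#endif
}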