Diffstat (limited to 'src/daemon/caps.c')
| -rw-r--r-- | src/daemon/caps.c | 142 |
1 files changed, 44 insertions, 98 deletions
diff --git a/src/daemon/caps.c b/src/daemon/caps.c
index 957824d9..74ccb1c8 100644
--- a/src/daemon/caps.c
+++ b/src/daemon/caps.c
@@ -1,18 +1,19 @@
-/* $Id$ */
-
 /***
 This file is part of PulseAudio.
-
+
+ Copyright 2004-2006 Lennart Poettering
+ Copyright 2006 Pierre Ossman <ossman@cendio.se> for Cendio AB
+
 PulseAudio is free software; you can redistribute it and/or modify
 it under the terms of the GNU Lesser General Public License as published
- by the Free Software Foundation; either version 2 of the License,
+ by the Free Software Foundation; either version 2.1 of the License,
 or (at your option) any later version.
-
+
 PulseAudio is distributed in the hope that it will be useful, but
 WITHOUT ANY WARRANTY; without even the implied warranty of
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 General Public License for more details.
-
+
 You should have received a copy of the GNU Lesser General Public
 License along with PulseAudio; if not, write to the Free Software
 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
@@ -23,19 +24,22 @@
 #include <config.h>
 #endif
 
-#include <assert.h>
 #include <unistd.h>
 #include <errno.h>
-#include <string.h>
 #include <sys/types.h>
 
+#include <pulse/i18n.h>
+
+#include <pulsecore/macro.h>
+#include <pulsecore/log.h>
+
 #ifdef HAVE_SYS_CAPABILITY_H
 #include <sys/capability.h>
 #endif
 
-#include <pulsecore/core-error.h>
-
-#include <pulsecore/log.h>
+#ifdef HAVE_SYS_PRCTL_H
+#include <sys/prctl.h>
+#endif
 
 #include "caps.h"
 
@@ -45,105 +49,47 @@ int setresgid(gid_t r, gid_t e, gid_t s); int setresuid(uid_t r, uid_t e, uid_t s); #endif -#ifdef HAVE_GETUID - /* Drop root rights when called SUID root */ void pa_drop_root(void) { - uid_t uid = getuid(); - - if (uid == 0 || geteuid() != 0) - return; - pa_log_info(__FILE__": dropping root rights."); +#ifdef HAVE_GETUID + uid_t uid; + gid_t gid; + + pa_log_debug(_("Cleaning up privileges.")); + uid = getuid(); + gid = getgid(); #if defined(HAVE_SETRESUID) - setresuid(uid, uid, uid); + pa_assert_se(setresuid(uid, uid, uid) >= 0); + pa_assert_se(setresgid(gid, gid, gid) >= 0); #elif defined(HAVE_SETREUID) - setreuid(uid, uid); + pa_assert_se(setreuid(uid, uid) >= 0); + pa_assert_se(setregid(gid, gid) >= 0); #else - setuid(uid); - seteuid(uid); + pa_assert_se(setuid(uid) >= 0); + pa_assert_se(seteuid(uid) >= 0); + pa_assert_se(setgid(gid) >= 0); + pa_assert_se(setegid(gid) >= 0); #endif -} - -#else -void pa_drop_root(void) { -} + pa_assert_se(getuid() == uid); + pa_assert_se(geteuid() == uid); + pa_assert_se(getgid() == gid); + pa_assert_se(getegid() == gid); +#endif +#ifdef HAVE_SYS_PRCTL_H + pa_assert_se(prctl(PR_SET_KEEPCAPS, 0, 0, 0, 0) == 0); #endif #ifdef HAVE_SYS_CAPABILITY_H - -/* Limit capabilities set to CAPSYS_NICE */ -int pa_limit_caps(void) { - int r = -1; - cap_t caps; - cap_value_t nice_cap = CAP_SYS_NICE; - - /* Only drop caps when called SUID */ - if (getuid() != 0) - return 0; - - caps = cap_init(); - assert(caps); - - cap_clear(caps); - - cap_set_flag(caps, CAP_EFFECTIVE, 1, &nice_cap, CAP_SET); - cap_set_flag(caps, CAP_PERMITTED, 1, &nice_cap, CAP_SET); - - if (cap_set_proc(caps) < 0) - goto fail; - - pa_log_info(__FILE__": dropped capabilities successfully."); - - r = 0; - -fail: - cap_free (caps); - - return r; -} - -/* Drop all capabilities, effectively becoming a normal user */ -int pa_drop_caps(void) { - cap_t caps; - int r = -1; - - /* Only drop caps when called SUID */ - if (getuid() != 0) - return 0; - - caps = 
cap_init(); - assert(caps); - - cap_clear(caps); - - if (cap_set_proc(caps) < 0) { - pa_log(__FILE__": failed to drop capabilities: %s", pa_cstrerror(errno)); - goto fail; + if (uid != 0) { + cap_t caps; + pa_assert_se(caps = cap_init()); + pa_assert_se(cap_clear(caps) == 0); + pa_assert_se(cap_set_proc(caps) == 0); + pa_assert_se(cap_free(caps) == 0); } - - r = 0; - -fail: - cap_free (caps); - - return r; -} - -#else - -/* NOOPs in case capabilities are not available. */ -int pa_limit_caps(void) { - return 0; -} - -int pa_drop_caps(void) { - pa_drop_root(); - return 0; -} - #endif - +} |
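Review bot: `uid` is read by the new `if (uid != 0)` guard under `#ifdef HAVE_SYS_CAPABILITY_H`, but it is declared only inside the `#ifdef HAVE_GETUID` block that is closed a few lines earlier, so a build that has <sys/capability.h> but not HAVE_GETUID no longer compiles; guarding the capability block with `#if defined(HAVE_SYS_CAPABILITY_H) && defined(HAVE_GETUID)` keeps the two blocks in step. The header comment `/* Drop root rights when called SUID root */` is also out of date: the function now additionally resets PR_SET_KEEPCAPS and clears all capability sets, and when the real uid is 0 it leaves the capabilities in place, which looks intentional but is not recorded anywhere. A comment on the guard such as `/* real uid 0: started as root proper, keep the capability sets */` would make that decision explicit for the next reader. Aborting via `pa_assert_se(...)` when any of the uid/gid/capability drops fails is the right fail-closed behaviour here, so the post-drop `getuid()`/`getegid()` checks are worth keeping as they are.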
