From 8b000a20cc367c727b9f2c0d8e68372d0c9df995 Mon Sep 17 00:00:00 2001 From: Laurent Bercot Date: Sun, 16 Jul 2017 16:52:08 +0000 Subject: More secure setgroups functions. (thanks muh) --- AUTHORS | 1 + package/deps.mak | 2 +- src/include/skalibs/setgroups.h | 1 + src/libstddjb/prot_grps.c | 14 ++++++++++++-- src/libstddjb/setgroups.c | 8 ++++++-- 5 files changed, 21 insertions(+), 5 deletions(-) diff --git a/AUTHORS b/AUTHORS index 4976391..286a0cc 100644 --- a/AUTHORS +++ b/AUTHORS @@ -25,3 +25,4 @@ Thanks to: Roman I Khimov Yannick DuchĂȘne + Michael Zuo diff --git a/package/deps.mak b/package/deps.mak index 99611a2..372f806 100644 --- a/package/deps.mak +++ b/package/deps.mak @@ -430,7 +430,7 @@ src/libstddjb/pathexec_run.o src/libstddjb/pathexec_run.lo: src/libstddjb/pathex src/libstddjb/pipe_internal.o src/libstddjb/pipe_internal.lo: src/libstddjb/pipe_internal.c src/include/skalibs/djbunix.h src/include/skalibs/nonposix.h src/include/skalibs/sysdeps.h src/libstddjb/prog.o src/libstddjb/prog.lo: src/libstddjb/prog.c src/include/skalibs/strerr2.h src/libstddjb/prot.o src/libstddjb/prot.lo: src/libstddjb/prot.c src/include/skalibs/djbunix.h -src/libstddjb/prot_grps.o src/libstddjb/prot_grps.lo: src/libstddjb/prot_grps.c src/include/skalibs/djbunix.h src/include/skalibs/nonposix.h src/include/skalibs/setgroups.h +src/libstddjb/prot_grps.o src/libstddjb/prot_grps.lo: src/libstddjb/prot_grps.c src/include/skalibs/djbunix.h src/include/skalibs/setgroups.h src/libstddjb/prot_readgroups.o src/libstddjb/prot_readgroups.lo: src/libstddjb/prot_readgroups.c src/include/skalibs/djbunix.h src/libstddjb/rm_rf.o src/libstddjb/rm_rf.lo: src/libstddjb/rm_rf.c src/include/skalibs/djbunix.h src/include/skalibs/skamisc.h src/libstddjb/rm_rf_in_tmp.o src/libstddjb/rm_rf_in_tmp.lo: src/libstddjb/rm_rf_in_tmp.c src/include/skalibs/direntry.h src/include/skalibs/djbunix.h src/include/skalibs/stralloc.h 
diff --git a/src/include/skalibs/setgroups.h b/src/include/skalibs/setgroups.h index fab0614..98998e0 100644 --- a/src/include/skalibs/setgroups.h +++ b/src/include/skalibs/setgroups.h @@ -9,6 +9,7 @@ #include +extern int setgroups_and_gid (gid_t, size_t, gid_t const *) ; extern int setgroups_with_egid (size_t, gid_t const *) ; extern int skalibs_setgroups (size_t, gid_t const *) ; diff --git a/src/libstddjb/prot_grps.c b/src/libstddjb/prot_grps.c index cc4ba0d..c5ea35b 100644 --- a/src/libstddjb/prot_grps.c +++ b/src/libstddjb/prot_grps.c @@ -2,16 +2,26 @@ /* MT-unsafe */ -#include #include +#include #include #include +#include #include #include int prot_grps (char const *name) { gid_t tab[NGROUPS_MAX] ; + struct passwd *pw ; int n = prot_readgroups(name, tab, NGROUPS_MAX) ; - return n < 0 ? -1 : setgroups(n, tab) ; + if (n < 0) return n ; + errno = 0 ; + pw = getpwnam(name) ; + if (!pw) + { + if (!errno) errno = ENOENT ; + return -1 ; + } + return setgroups_and_gid(pw->pw_gid, n, tab) ; } diff --git a/src/libstddjb/setgroups.c b/src/libstddjb/setgroups.c index c7610ab..d064ed2 100644 --- a/src/libstddjb/setgroups.c +++ b/src/libstddjb/setgroups.c @@ -10,10 +10,9 @@ #include #include -int setgroups_with_egid (size_t n, gid_t const *tab) +int setgroups_and_gid (gid_t g, size_t n, gid_t const *tab) { size_t i = 1 ; - gid_t g = getegid() ; if (!n) return setgroups(1, &g) ; if (tab[0] == g) return setgroups(n, tab) ; for (; i < n ; i++) if (tab[i] == g) break ; @@ -34,6 +33,11 @@ int setgroups_with_egid (size_t n, gid_t const *tab) } } +int setgroups_with_egid (size_t n, gid_t const *tab) +{ + return setgroups_and_gid(getegid(), n, tab) ; +} + int skalibs_setgroups (size_t n, gid_t const *tab) { #ifdef SKALIBS_BSD_SUCKS -- cgit v1.2.3
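Review bot: In prot_grps, `if (n < 0) return n ;` forwards whatever negative value prot_readgroups() produced, where the replaced expression mapped every failure to -1, and the getpwnam() failure path just below returns -1 explicitly. prot_readgroups is not shown in this patch, so this may be harmless, but `if (n < 0) return -1 ;` keeps the return contract independent of it. The function also changed in ways a caller dropping privileges needs to know: it now fails when `name` has no passwd entry, and it hands `pw->pw_gid` to setgroups_and_gid along with the list. I would add above the definition `/* Sets the supplementary group list for name and passes name's passwd gid to setgroups_and_gid(); returns -1 (errno ENOENT if unset) when name has no passwd entry. */`.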
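Review bot: setgroups_and_gid now takes `g` from the caller instead of getegid() and is exported through setgroups.h, yet nothing states what it promises about `g`. The lines visible in this hunk show an empty list being replaced by the single entry `g` and a list whose first entry is already `g` being passed through unchanged; the handling of a list where `g` appears later or not at all lies outside the hunk. A header comment such as `/* Calls setgroups() with a list that contains g; tab is not modified. */` would record that, adjusted to whatever the unseen branches do. If the absent case grows the list by one entry, it is worth confirming the result when n is already NGROUPS_MAX, which is the capacity of the array prot_grps passes in.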