winix can drop privileges now (if started as the root)
added parameters to the config: user (string) group (string) additional_groups (bool) git-svn-id: svn://ttmath.org/publicrep/winix/trunk@668 e52654a7-88a9-db11-a3e9-0013d4bc506e
This commit is contained in:
217
core/app.cpp
217
core/app.cpp
@@ -7,6 +7,11 @@
|
||||
*
|
||||
*/
|
||||
|
||||
#include <sys/types.h>
|
||||
#include <pwd.h>
|
||||
#include <grp.h>
|
||||
#include <unistd.h>
|
||||
|
||||
#include "app.h"
|
||||
#include "plugin.h"
|
||||
#include "misc.h"
|
||||
@@ -138,7 +143,7 @@ bool App::Init()
|
||||
db.LogQueries(config.log_db_query);
|
||||
|
||||
if( !CreateFCGISocket() )
|
||||
return false;
|
||||
return false; // !! dodac logsave do logow
|
||||
|
||||
request.Clear();
|
||||
compress.Init();
|
||||
@@ -148,7 +153,7 @@ bool App::Init()
|
||||
// !! teraz mamy dwa katalogi z templetami
|
||||
// !! o co chodzilo?
|
||||
if( !notify.Init() )
|
||||
return false;
|
||||
return false; // !! dodac logsave do logow
|
||||
|
||||
// call this after system.Init() (mount points identificators should be created)
|
||||
templates_notify.SetMountTypes( system.mounts.MountTypeCms(),
|
||||
@@ -714,3 +719,211 @@ Error status = request.status;
|
||||
FilterCompressSend(compressing, source);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
void App::LogUser(const char * msg, uid_t id)
|
||||
{
|
||||
log << log3 << msg << " ";
|
||||
|
||||
passwd * p = getpwuid(id);
|
||||
|
||||
if( p )
|
||||
log << p->pw_name;
|
||||
else
|
||||
log << id;
|
||||
|
||||
log << logend;
|
||||
}
|
||||
|
||||
|
||||
void App::LogGroup(const char * msg, gid_t id, bool put_logend)
|
||||
{
|
||||
log << log3 << msg << " ";
|
||||
|
||||
group * g = getgrgid(id);
|
||||
|
||||
if( g )
|
||||
log << g->gr_name;
|
||||
else
|
||||
log << (int)id;
|
||||
|
||||
if( put_logend )
|
||||
log << logend;
|
||||
}
|
||||
|
||||
|
||||
void App::LogUsers()
|
||||
{
|
||||
uid_t eid, rid;
|
||||
|
||||
eid = geteuid();
|
||||
rid = getuid();
|
||||
|
||||
if( eid == rid )
|
||||
{
|
||||
LogUser("App: effective/real user:", eid);
|
||||
}
|
||||
else
|
||||
{
|
||||
LogUser("App: effective user:", eid);
|
||||
LogUser("App: real user:", rid);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
void App::LogEffectiveGroups(std::vector<gid_t> & tab)
|
||||
{
|
||||
log << log3 << "App: effective groups:";
|
||||
|
||||
for(size_t i=0 ; i<tab.size() ; ++i)
|
||||
{
|
||||
bool was_printed = false;
|
||||
|
||||
for(size_t x=0 ; x<i ; ++x)
|
||||
{
|
||||
if( tab[i] == tab[x] )
|
||||
{
|
||||
was_printed = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
if( !was_printed )
|
||||
LogGroup("", tab[i], false);
|
||||
}
|
||||
|
||||
log << logend;
|
||||
}
|
||||
|
||||
|
||||
void App::LogGroups()
|
||||
{
|
||||
std::vector<gid_t> tab;
|
||||
gid_t rgid;
|
||||
int len;
|
||||
|
||||
rgid = getgid();
|
||||
len = getgroups(0, 0);
|
||||
|
||||
if( len <= 0 )
|
||||
{
|
||||
log << log3 << "App: I can't read how many groups there are" << logend;
|
||||
return;
|
||||
}
|
||||
|
||||
tab.resize(len);
|
||||
len = getgroups(len, &(tab[0]));
|
||||
|
||||
if( len == -1 )
|
||||
{
|
||||
log << log3 << "App: I can't read groups" << logend;
|
||||
return;
|
||||
}
|
||||
|
||||
if( len == 1 && rgid == tab[0] )
|
||||
{
|
||||
LogGroup("App: effective/real group:", rgid);
|
||||
}
|
||||
else
|
||||
{
|
||||
tab.resize(len);
|
||||
LogEffectiveGroups(tab);
|
||||
LogGroup("App: real group:", rgid);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
void App::LogUserGroups()
|
||||
{
|
||||
LogUsers();
|
||||
LogGroups();
|
||||
}
|
||||
|
||||
|
||||
|
||||
bool App::DropPrivileges(const std::string & user, uid_t uid, gid_t gid, bool additional_groups)
|
||||
{
|
||||
if( additional_groups )
|
||||
{
|
||||
if( initgroups(user.c_str(), gid) < 0 )
|
||||
{
|
||||
log << log1 << "App: I can't init groups for user: " << user << logend << logsave;
|
||||
return false;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
if( setgroups(1, &gid) < 0 )
|
||||
{
|
||||
log << log1 << "App: I can't init groups for user: " << user << logend << logsave;
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
// for setting real and saved gid too
|
||||
if( setgid(gid) )
|
||||
{
|
||||
log << log1 << "App: I can't change real and saved gid" << logend << logsave;
|
||||
return false;
|
||||
}
|
||||
|
||||
if( setuid(uid) < 0 )
|
||||
{
|
||||
log << log1 << "App: I can't drop privileges to user: " << user
|
||||
<< " (uid:" << uid << ")" << logend << logsave;
|
||||
return false;
|
||||
}
|
||||
|
||||
if( getuid()==0 || geteuid()==0 )
|
||||
{
|
||||
log << log1 << "App: sorry, for security reasons you should not run me as the root" << logend << logsave;
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
bool App::DropPrivileges()
|
||||
{
|
||||
if( getuid()!=0 && geteuid()!=0 )
|
||||
return true;
|
||||
|
||||
log << log2 << "App: dropping privileges" << logend;
|
||||
|
||||
if( config.user.empty() )
|
||||
{
|
||||
log << log1 << "App: you should specify user name in the config file "
|
||||
<< "to which I have to drop privileges" << logend << logsave;
|
||||
return false;
|
||||
}
|
||||
|
||||
if( config.group.empty() )
|
||||
{
|
||||
log << log1 << "App: you should specify group name in the config file "
|
||||
<< "to which I have to drop privileges" << logend << logsave;
|
||||
return false;
|
||||
}
|
||||
|
||||
passwd * p = getpwnam(config.user.c_str());
|
||||
group * g = getgrnam(config.group.c_str());
|
||||
|
||||
if( !p )
|
||||
{
|
||||
log << log1 << "App: there is no such a user as: \"" << config.user << "\"" << logend << logsave;
|
||||
return false;
|
||||
}
|
||||
|
||||
if( !g )
|
||||
{
|
||||
log << log1 << "App: there is no such a group as: \"" << config.group << "\"" << logend << logsave;
|
||||
return false;
|
||||
}
|
||||
|
||||
if( !DropPrivileges(config.user, p->pw_uid, g->gr_gid, config.additional_groups) )
|
||||
return false;
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user