author | Rob Landley <rob@landley.net> | 2016-01-30 16:28:13 -0600 |
---|---|---|
committer | Rob Landley <rob@landley.net> | 2016-01-30 16:28:13 -0600 |
commit | ca311f1a41a579a57076adfeb2cc08b20dbca21a (patch) | |
tree | 464d3d1daba831016cdd4ac17f0996706e7cd229 | |
parent | 4a13ca98e18cea4acc8d605653d0ee8425e34f59 (diff) | |
Fix two CFG_TOYBOX_SUID corner cases:
1) Don't try to force re-exec unless we actually dropped permissions.
(Fixes "./toybox mount" when no suid bit on toybox binary, which
previously exited.)
2) Set temporary toys.which value for error reporting.
(Fixes "ln -s toybox mount && ./mount" with CFG_TOYBOX_DEBUG and
no suid bit, which previously segfaulted.)
-rw-r--r-- | main.c | 11 | ||||
-rw-r--r-- | toys.h | 7 |
2 files changed, 12 insertions, 6 deletions
@@ -96,15 +96,20 @@ static void toy_singleinit(struct toy_list *which, char *argv[]) // Full init needed by multiplexer or reentrant calls, calls singleinit at end void toy_init(struct toy_list *which, char *argv[]) { + void *oldwhich = toys.which; + // Drop permissions for non-suid commands. if (CFG_TOYBOX_SUID) { + if (!toys.which) toys.which = toy_list; + uid_t uid = getuid(), euid = geteuid(); if (!(which->flags & TOYFLAG_STAYROOT)) { if (uid != euid) { if (!setuid(uid)) perror_exit("setuid %d->%d", euid, uid); // drop root - else euid = uid; + euid = uid; + toys.wasroot++; } } else if (CFG_TOYBOX_DEBUG && uid && which != toy_list) error_msg("Not installed suid root"); @@ -116,7 +121,7 @@ void toy_init(struct toy_list *which, char *argv[]) // don't blank old optargs if our new argc lives in the old optargs. if (argv<toys.optargs || argv>toys.optargs+toys.optc) free(toys.optargs); memset(&toys, 0, offsetof(struct toy_context, rebound)); - if (toys.which) memset(&this, 0, sizeof(this)); + if (oldwhich) memset(&this, 0, sizeof(this)); // Continue to portion of init needed by standalone commands toy_singleinit(which, argv); @@ -136,7 +141,7 @@ void toy_exec(char *argv[]) return; // Return if we need to re-exec to acquire root via suid bit. - if (toys.which && (which->flags&TOYFLAG_ROOTONLY) && getuid()) return; + if (toys.which && (which->flags&TOYFLAG_ROOTONLY) && toys.wasroot) return; // Run command toy_init(which, argv); 
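Review bot: The guard on the privilege drop in the first hunk is inverted: setuid() returns 0 on success, so `if (!setuid(uid)) perror_exit(...)` exits when the drop worked and falls through when it failed. With the `else` removed by this change, a failed setuid() now reaches `euid = uid;` and `toys.wasroot++`, so the command keeps its original effective uid while the bookkeeping records a completed drop. The check should read `if (setuid(uid)) perror_exit("setuid %d->%d", euid, uid); // drop root`. toy_init's body continues past the end of this hunk.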
@@ -127,13 +127,14 @@ extern struct toy_context { int exitval; // Value error_exit feeds to exit() int optc; // Count of optargs int old_umask; // Old umask preserved by TOYFLAG_UMASK - int toycount; // Total number of commands in this build - int signal; // generic_signal() records what signal it saw here + short toycount; // Total number of commands in this build + short signal; // generic_signal() records what signal it saw here int signalfd; // and writes signal to this fd, if set + int wasroot; // dropped setuid // This is at the end so toy_init() doesn't zero it. jmp_buf *rebound; // longjmp here instead of exit when do_rebound set - void *stacktop; // nested toy_exec() call count, or -1 if vforked + void *stacktop; // nested toy_exec() call count, or 0 if vforked } toys; // Two big temporary buffers: one for use by commands, one for library functions |
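Review bot: `wasroot` is declared above the `// This is at the end so toy_init() doesn't zero it.` marker, so the `memset(&toys, 0, offsetof(struct toy_context, rebound))` in toy_init clears it right after the suid block in the same call increments it. From the visible lines, the new `toys.wasroot` test in toy_exec then reads 0 unless something outside these hunks sets it again, so the TOYFLAG_ROOTONLY re-exec return would not trigger. Moving the member below the marker, e.g. `int wasroot; // dropped setuid` after `void *stacktop;`, keeps the value across toy_init. The struct begins before this hunk.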