aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRob Landley <rob@landley.net>2016-01-30 16:28:13 -0600
committerRob Landley <rob@landley.net>2016-01-30 16:28:13 -0600
commitca311f1a41a579a57076adfeb2cc08b20dbca21a (patch)
tree464d3d1daba831016cdd4ac17f0996706e7cd229
parent4a13ca98e18cea4acc8d605653d0ee8425e34f59 (diff)
downloadtoybox-ca311f1a41a579a57076adfeb2cc08b20dbca21a.tar.gz
Fix two CFG_TOYBOX_SUID corner cases:
1) Don't try to force re-exec unless we actually dropped permissions. (Fixes "./toybox mount" when no suid bit on toybox binary, which previously exited.) 2) Set temporary toys.which value for error reporting. (Fixes "ln -s toybox mount && ./mount" with CFG_TOYBOX_DEBUG and no suid bit, which previously segfaulted.)
-rw-r--r--main.c11
-rw-r--r--toys.h7
2 files changed, 12 insertions, 6 deletions
diff --git a/main.c b/main.c
index 3949c84c..e95c6417 100644
--- a/main.c
+++ b/main.c
@@ -96,15 +96,20 @@ static void toy_singleinit(struct toy_list *which, char *argv[])
// Full init needed by multiplexer or reentrant calls, calls singleinit at end
void toy_init(struct toy_list *which, char *argv[])
{
+ void *oldwhich = toys.which;
+
// Drop permissions for non-suid commands.
if (CFG_TOYBOX_SUID) {
+ if (!toys.which) toys.which = toy_list;
+
uid_t uid = getuid(), euid = geteuid();
if (!(which->flags & TOYFLAG_STAYROOT)) {
if (uid != euid) {
if (!setuid(uid)) perror_exit("setuid %d->%d", euid, uid); // drop root
- else euid = uid;
+ euid = uid;
+ toys.wasroot++;
}
} else if (CFG_TOYBOX_DEBUG && uid && which != toy_list)
error_msg("Not installed suid root");
@@ -116,7 +121,7 @@ void toy_init(struct toy_list *which, char *argv[])
// don't blank old optargs if our new argc lives in the old optargs.
if (argv<toys.optargs || argv>toys.optargs+toys.optc) free(toys.optargs);
memset(&toys, 0, offsetof(struct toy_context, rebound));
- if (toys.which) memset(&this, 0, sizeof(this));
+ if (oldwhich) memset(&this, 0, sizeof(this));
// Continue to portion of init needed by standalone commands
toy_singleinit(which, argv);
@@ -136,7 +141,7 @@ void toy_exec(char *argv[])
return;
// Return if we need to re-exec to acquire root via suid bit.
- if (toys.which && (which->flags&TOYFLAG_ROOTONLY) && getuid()) return;
+ if (toys.which && (which->flags&TOYFLAG_ROOTONLY) && toys.wasroot) return;
// Run command
toy_init(which, argv);
diff --git a/toys.h b/toys.h
index 8bd3be27..4bfccb15 100644
--- a/toys.h
+++ b/toys.h
@@ -127,13 +127,14 @@ extern struct toy_context {
int exitval; // Value error_exit feeds to exit()
int optc; // Count of optargs
int old_umask; // Old umask preserved by TOYFLAG_UMASK
- int toycount; // Total number of commands in this build
- int signal; // generic_signal() records what signal it saw here
+ short toycount; // Total number of commands in this build
+ short signal; // generic_signal() records what signal it saw here
int signalfd; // and writes signal to this fd, if set
+ int wasroot; // dropped setuid
// This is at the end so toy_init() doesn't zero it.
jmp_buf *rebound; // longjmp here instead of exit when do_rebound set
- void *stacktop; // nested toy_exec() call count, or -1 if vforked
+ void *stacktop; // nested toy_exec() call count, or 0 if vforked
} toys;
// Two big temporary buffers: one for use by commands, one for library functions