aboutsummaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorRob Landley <rob@landley.net>2013-12-23 06:49:38 -0600
committerRob Landley <rob@landley.net>2013-12-23 06:49:38 -0600
commitafba5b8efdf1bac2c02ca787840a2be053c800f7 (patch)
tree1af5b850e90663fb3be71597d02cd525bf5be4e8 /lib
parent5a73f3992d75dd4c7beefae2fa8a843d14372b19 (diff)
downloadtoybox-afba5b8efdf1bac2c02ca787840a2be053c800f7.tar.gz
Fix some issues raised (albeit indirectly) by Isaac Dunham.
POLL_IN defined as a constant by some libc. Factor out login.c's change_identity() to xwrap.c as xsetuser(). Replace xsetuid() with xsetuser() Put a space between argument globals and non-argument globals. TT starts zeroed, don't need to re-zero entries in it. STDIN_FILENO has been 0 since 1969, even DOS copied that. Just say 0. Added an xchroot() using xchdir() to lib/xwrap.c. Remove endgrent() call until somebody can explain why it was there.
Diffstat (limited to 'lib')
-rw-r--r--lib/lib.h3
-rw-r--r--lib/xwrap.c23
2 files changed, 17 insertions, 9 deletions
diff --git a/lib/lib.h b/lib/lib.h
index 3d326499..c46aacaa 100644
--- a/lib/lib.h
+++ b/lib/lib.h
@@ -109,11 +109,12 @@ void xstat(char *path, struct stat *st);
char *xabspath(char *path, int exact);
char *xrealpath(char *path);
void xchdir(char *path);
+void xchroot(char *path);
void xmkpath(char *path, int mode);
-void xsetuid(uid_t uid);
struct passwd *xgetpwuid(uid_t uid);
struct group *xgetgrgid(gid_t gid);
struct passwd *xgetpwnam(char *name);
+void xsetuser(struct passwd *pwd);
char *xreadlink(char *name);
long xparsetime(char *arg, long units, long *fraction);
void xpidfile(char *name);
diff --git a/lib/xwrap.c b/lib/xwrap.c
index c0c8a44b..08a93ddf 100644
--- a/lib/xwrap.c
+++ b/lib/xwrap.c
@@ -363,6 +363,12 @@ void xchdir(char *path)
if (chdir(path)) error_exit("chdir '%s'", path);
}
+void xchroot(char *path)
+{
+ if (chroot(path)) error_exit("chroot '%s'", path);
+ xchdir("/");
+}
+
// Ensure entire path exists.
// If mode != -1 set permissions on newly created dirs.
// Requires that path string be writable (for temporary null terminators).
@@ -391,14 +397,6 @@ void xmkpath(char *path, int mode)
}
}
-// setuid() can fail (for example, too many processes belonging to that user),
-// which opens a security hole if the process continues as the original user.
-
-void xsetuid(uid_t uid)
-{
- if (setuid(uid)) perror_exit("xsetuid");
-}
-
struct passwd *xgetpwuid(uid_t uid)
{
struct passwd *pwd = getpwuid(uid);
@@ -420,6 +418,15 @@ struct passwd *xgetpwnam(char *name)
return up;
}
+// setuid() can fail (for example, too many processes belonging to that user),
+// which opens a security hole if the process continues as the original user.
+
+void xsetuser(struct passwd *pwd)
+{
+ if (initgroups(pwd->pw_name, pwd->pw_gid) || setgid(pwd->pw_uid)
+ || setuid(pwd->pw_uid)) perror_exit("xsetuser '%s'", pwd->pw_name);
+}
+
// This can return null (meaning file not found). It just won't return null
// for memory allocation reasons.
char *xreadlink(char *name)