… | |
… | |
4 | /*----------------------------------------------------------------------* |
4 | /*----------------------------------------------------------------------* |
5 | * File: proxy.C |
5 | * File: proxy.C |
6 | *----------------------------------------------------------------------* |
6 | *----------------------------------------------------------------------* |
7 | * |
7 | * |
8 | * All portions of code are copyright by their respective author/s. |
8 | * All portions of code are copyright by their respective author/s. |
9 | * Copyright (c) 2006 Marc Lehmann <pcg@goof.com> |
9 | * Copyright (c) 2006 Marc Lehmann <schmorp@schmorp.de> |
10 | * |
10 | * |
11 | * This program is free software; you can redistribute it and/or modify |
11 | * This program is free software; you can redistribute it and/or modify |
12 | * it under the terms of the GNU General Public License as published by |
12 | * it under the terms of the GNU General Public License as published by |
13 | * the Free Software Foundation; either version 2 of the License, or |
13 | * the Free Software Foundation; either version 2 of the License, or |
14 | * (at your option) any later version. |
14 | * (at your option) any later version. |
… | |
… | |
21 | * You should have received a copy of the GNU General Public License |
21 | * You should have received a copy of the GNU General Public License |
22 | * along with this program; if not, write to the Free Software |
22 | * along with this program; if not, write to the Free Software |
23 | * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. |
23 | * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. |
24 | *---------------------------------------------------------------------*/ |
24 | *---------------------------------------------------------------------*/ |
25 | |
25 | |
26 | #include "../config.h" |
26 | #include "config.h" |
27 | |
27 | |
28 | #include "ptytty.h" |
28 | #include "ptytty.h" |
29 | |
29 | |
30 | // helper/proxy support |
30 | #include <cstdio> |
31 | |
31 | #include <cstring> |
32 | #if PTYTTY_HELPER |
|
|
33 | |
|
|
34 | #include <csignal> |
32 | #include <csignal> |
35 | |
33 | |
36 | #include <sys/types.h> |
34 | #include <sys/types.h> |
37 | #include <sys/socket.h> |
35 | #include <sys/socket.h> |
38 | #include <unistd.h> |
36 | #include <unistd.h> |
39 | #include <fcntl.h> |
37 | #include <fcntl.h> |
|
|
38 | #include <errno.h> |
|
|
39 | |
|
|
40 | // helper/proxy support |
|
|
41 | |
|
|
42 | #if PTYTTY_HELPER |
40 | |
43 | |
41 | static int sock_fd = -1, lock_fd = -1; |
44 | static int sock_fd = -1, lock_fd = -1; |
42 | static int helper_pid, owner_pid; |
45 | static int helper_pid, owner_pid; |
43 | |
46 | |
44 | struct command |
47 | struct command |
… | |
… | |
123 | |
126 | |
124 | ptytty_proxy::~ptytty_proxy () |
127 | ptytty_proxy::~ptytty_proxy () |
125 | { |
128 | { |
126 | if (id) |
129 | if (id) |
127 | { |
130 | { |
|
|
131 | close_tty (); |
|
|
132 | |
|
|
133 | if (pty >= 0) |
|
|
134 | close (pty); |
|
|
135 | |
128 | NEED_TOKEN; |
136 | NEED_TOKEN; |
129 | |
137 | |
130 | command cmd; |
138 | command cmd; |
131 | |
139 | |
132 | cmd.type = command::destroy; |
140 | cmd.type = command::destroy; |
… | |
… | |
290 | #endif |
298 | #endif |
291 | return new ptytty_unix; |
299 | return new ptytty_unix; |
292 | } |
300 | } |
293 | |
301 | |
294 | void |
302 | void |
|
|
303 | ptytty::sanitise_stdfd () |
|
|
304 | { |
|
|
305 | // sanitise stdin/stdout/stderr to point to *something*. |
|
|
306 | for (int fd = 0; fd <= 2; ++fd) |
|
|
307 | if (fcntl (fd, F_GETFL) < 0 && errno == EBADF) |
|
|
308 | { |
|
|
309 | int fd2 = open ("/dev/tty", fd ? O_WRONLY : O_RDONLY); |
|
|
310 | |
|
|
311 | if (fd2 < 0) |
|
|
312 | fd2 = open ("/dev/null", fd ? O_WRONLY : O_RDONLY); |
|
|
313 | |
|
|
314 | if (fd2 != fd) |
|
|
315 | abort (); |
|
|
316 | } |
|
|
317 | } |
|
|
318 | |
|
|
319 | void |
295 | ptytty::init () |
320 | ptytty::init () |
296 | { |
321 | { |
|
|
322 | sanitise_stdfd (); |
|
|
323 | |
297 | uid_t uid = getuid (); |
324 | uid_t uid = getuid (); |
298 | gid_t gid = getgid (); |
325 | gid_t gid = getgid (); |
299 | |
326 | |
300 | // before doing anything else, check for setuid/setgid operation, |
327 | // before doing anything else, check for setuid/setgid operation, |
301 | // start the helper process and drop privileges |
328 | // start the helper process and drop privileges |
302 | if (uid != geteuid () |
329 | if (uid != geteuid () |
303 | || gid != getegid ()) |
330 | || gid != getegid ()) |
304 | { |
331 | { |