ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity

2629. [port] Check for seteuid()/setegid(), use setresuid()/

Browse Source 
setresgid() if not present. [RT #19932]
This commit is contained in:
Evan Hunt
2009-07-14 22:39:30 +00:00
parent 00f35bc78c
commit 38cd4d14cc
5 changed files with 251 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGES
View File

@@ -1,3 +1,6 @@
2629. [port] Check for seteuid()/setegid(), use setresuid()/
setresgid() if not present. [RT #19932]
2628. [port] linux: Allow /var/run/named/named.pid to be opened
at startup with reduced capabilities in operation.
[RT #19884]

55
bin/named/unix/os.c
View File

@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: os.c,v 1.96 2009/07/14 05:15:00 marka Exp $ */
/* $Id: os.c,v 1.97 2009/07/14 22:38:38 each Exp $ */
/*! \file */
@@ -718,6 +718,34 @@ mkdirpath(char *filename, void (*report)(const char *, ...)) {
return (-1);
}
static void
setperms(uid_t uid, gid_t gid, void (*report)(const char *, ...)) {
char strbuf[ISC_STRERRORSIZE];
#if defined(HAVE_SETEGID)
if (setegid(gid) == -1) {
isc__strerror(errno, strbuf, sizeof(strbuf));
(*report)("unable to set effective gid: %s", strbuf);
}
#elif defined(HAVE_SETRESGID)
if (setresgid(-1, gid, -1) == -1) {
isc__strerror(errno, strbuf, sizeof(strbuf));
(*report)("unable to set effective gid: %s", strbuf);
}
#endif
#if defined(HAVE_SETEUID)
if (seteuid(uid) == -1) {
isc__strerror(errno, strbuf, sizeof(strbuf));
(*report)("unable to set effective uid: %s", strbuf);
}
#elif defined(HAVE_SETRESUID)
if (setresuid(-1, uid, -1) == -1) {
isc__strerror(errno, strbuf, sizeof(strbuf));
(*report)("unable to set effective uid: %s", strbuf);
}
#endif
}
void
ns_os_writepidfile(const char *filename, isc_boolean_t first_time) {
int fd;
@@ -763,29 +791,10 @@ ns_os_writepidfile(const char *filename, isc_boolean_t first_time) {
* Open the file using the uid/gid pair we will eventually
* be running as.
*/
if (setegid(runas_pw->pw_gid) == -1) {
isc__strerror(errno, strbuf, sizeof(strbuf));
(*report)("unable to set effective gid: %s", strbuf);
/* NOTREACHED */
}
if (seteuid(runas_pw->pw_uid) == -1) {
isc__strerror(errno, strbuf, sizeof(strbuf));
(*report)("unable to set effective uid: %s", strbuf);
/* NOTREACHED */
}
setperms(runas_pw->pw_uid, runas_pw->pw_gid, report);
fd = safe_open(filename, ISC_FALSE);
if (seteuid(0) == -1) {
isc__strerror(errno, strbuf, sizeof(strbuf));
(*report)("unable to restore effective uid: %s",
strbuf);
/* NOTREACHED */
}
if (setegid(0) == -1) {
isc__strerror(errno, strbuf, sizeof(strbuf));
(*report)("unable to restore effective gid: %s",
strbuf);
/* NOTREACHED */
}
setperms(0, 0, report);
if (fd == -1) {
/*
* Backwards compatibility.

14
config.h.in
View File

@@ -16,7 +16,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: config.h.in,v 1.115 2009/06/10 02:23:42 marka Exp $ */
/* $Id: config.h.in,v 1.117 2009/08/13 01:51:19 marka Exp $ */
/*! \file */
@@ -220,9 +220,21 @@ int sigwait(const unsigned int *set, int *sig);
/* Define to 1 if you have the <regex.h> header file. */
#undef HAVE_REGEX_H
/* Define to 1 if you have the `setegid' function. */
#undef HAVE_SETEGID
/* Define to 1 if you have the `seteuid' function. */
#undef HAVE_SETEUID
/* Define to 1 if you have the `setlocale' function. */
#undef HAVE_SETLOCALE
/* Define to 1 if you have the `setresgid' function. */
#undef HAVE_SETRESGID
/* Define to 1 if you have the `setresuid' function. */
#undef HAVE_SETRESUID
/* Define to 1 if you have the <stdint.h> header file. */
#undef HAVE_STDINT_H

198
configure vendored
View File

@@ -14,7 +14,7 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
#
# $Id: configure,v 1.457 2009/06/30 02:53:46 each Exp $
# $Id: configure,v 1.458 2009/07/14 22:39:30 each Exp $
#
# Portions Copyright (C) 1996-2001 Nominum, Inc.
#
@@ -29,7 +29,7 @@
# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
# From configure.in Revision: 1.471 .
# From configure.in Revision: 1.472 .
# Guess values for system-dependent variables and create Makefiles.
# Generated by GNU Autoconf 2.61.
#
@@ -20920,6 +20920,200 @@ _ACEOF
fi
#
# Older versions of HP/UX don't define seteuid() and setegid()
#
for ac_func in seteuid setresuid
do
as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
{ echo "$as_me:$LINENO: checking for $ac_func" >&5
echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; }
if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
/* Define $ac_func to an innocuous variant, in case <limits.h> declares $ac_func.
For example, HP-UX 11i <limits.h> declares gettimeofday. */
#define $ac_func innocuous_$ac_func
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func (); below.
Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
<limits.h> exists even on freestanding compilers. */
#ifdef __STDC__
# include <limits.h>
#else
# include <assert.h>
#endif
#undef $ac_func
/* Override any GCC internal prototype to avoid an error.
Use char because int might match the return type of a GCC
builtin and then its argument prototype would still apply. */
#ifdef __cplusplus
extern "C"
#endif
char $ac_func ();
/* The GNU C library defines this for functions which it implements
to always fail with ENOSYS. Some functions are actually named
something starting with __ and the normal name is an alias. */
#if defined __stub_$ac_func || defined __stub___$ac_func
choke me
#endif
int
main ()
{
return $ac_func ();
;
return 0;
}
_ACEOF
rm -f conftest.$ac_objext conftest$ac_exeext
if { (ac_try="$ac_link"
case "(($ac_try" in
*\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
*) ac_try_echo=$ac_try;;
esac
eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
(eval "$ac_link") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); } && {
test -z "$ac_c_werror_flag" ||
test ! -s conftest.err
} && test -s conftest$ac_exeext &&
$as_test_x conftest$ac_exeext; then
eval "$as_ac_var=yes"
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
eval "$as_ac_var=no"
fi
rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
conftest$ac_exeext conftest.$ac_ext
fi
ac_res=`eval echo '${'$as_ac_var'}'`
{ echo "$as_me:$LINENO: result: $ac_res" >&5
echo "${ECHO_T}$ac_res" >&6; }
if test `eval echo '${'$as_ac_var'}'` = yes; then
cat >>confdefs.h <<_ACEOF
#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
_ACEOF
fi
done
for ac_func in setegid setresgid
do
as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
{ echo "$as_me:$LINENO: checking for $ac_func" >&5
echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; }
if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
/* Define $ac_func to an innocuous variant, in case <limits.h> declares $ac_func.
For example, HP-UX 11i <limits.h> declares gettimeofday. */
#define $ac_func innocuous_$ac_func
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func (); below.
Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
<limits.h> exists even on freestanding compilers. */
#ifdef __STDC__
# include <limits.h>
#else
# include <assert.h>
#endif
#undef $ac_func
/* Override any GCC internal prototype to avoid an error.
Use char because int might match the return type of a GCC
builtin and then its argument prototype would still apply. */
#ifdef __cplusplus
extern "C"
#endif
char $ac_func ();
/* The GNU C library defines this for functions which it implements
to always fail with ENOSYS. Some functions are actually named
something starting with __ and the normal name is an alias. */
#if defined __stub_$ac_func || defined __stub___$ac_func
choke me
#endif
int
main ()
{
return $ac_func ();
;
return 0;
}
_ACEOF
rm -f conftest.$ac_objext conftest$ac_exeext
if { (ac_try="$ac_link"
case "(($ac_try" in
*\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
*) ac_try_echo=$ac_try;;
esac
eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
(eval "$ac_link") 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); } && {
test -z "$ac_c_werror_flag" ||
test ! -s conftest.err
} && test -s conftest$ac_exeext &&
$as_test_x conftest$ac_exeext; then
eval "$as_ac_var=yes"
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
eval "$as_ac_var=no"
fi
rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
conftest$ac_exeext conftest.$ac_ext
fi
ac_res=`eval echo '${'$as_ac_var'}'`
{ echo "$as_me:$LINENO: result: $ac_res" >&5
echo "${ECHO_T}$ac_res" >&6; }
if test `eval echo '${'$as_ac_var'}'` = yes; then
cat >>confdefs.h <<_ACEOF
#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
_ACEOF
fi
done
#
# UnixWare 7.1.1 with the feature supplement to the UDK compiler
# is reported to not support "static inline" (RT #1212).

8
configure.in
View File

@@ -18,7 +18,7 @@ AC_DIVERT_PUSH(1)dnl
esyscmd([sed "s/^/# /" COPYRIGHT])dnl
AC_DIVERT_POP()dnl
AC_REVISION($Revision: 1.471 $)
AC_REVISION($Revision: 1.472 $)
AC_INIT(lib/dns/name.c)
AC_PREREQ(2.59)
@@ -282,6 +282,12 @@ AC_C_INLINE
AC_C_VOLATILE
AC_CHECK_FUNC(sysctlbyname, AC_DEFINE(HAVE_SYSCTLBYNAME))
#
# Older versions of HP/UX don't define seteuid() and setegid()
#
AC_CHECK_FUNCS(seteuid setresuid)
AC_CHECK_FUNCS(setegid setresgid)
#
# UnixWare 7.1.1 with the feature supplement to the UDK compiler
# is reported to not support "static inline" (RT #1212).