crypto/openssh/sandbox-rlimit.c

   1 /* $OpenBSD: sandbox-rlimit.c,v 1.3 2011/06/23 09:34:13 djm Exp $ */
   2 /*
   3  * Copyright (c) 2011 Damien Miller <djm@mindrot.org>
   4  *
   5  * Permission to use, copy, modify, and distribute this software for any
   6  * purpose with or without fee is hereby granted, provided that the above
   7  * copyright notice and this permission notice appear in all copies.
   8  *
   9  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
  10  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
  11  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
  12  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
  13  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
  14  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
  15  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  16  */
  17
  18 #include "includes.h"
  19
  20 #ifdef SANDBOX_RLIMIT
  21
  22 #include <sys/types.h>
  23 #include <sys/param.h>
  24 #include <sys/time.h>
  25 #include <sys/resource.h>
  26
  27 #include <errno.h>
  28 #include <stdarg.h>
  29 #include <stdio.h>
  30 #include <stdlib.h>
  31 #include <string.h>
  32 #include <unistd.h>
  33
  34 #include "log.h"
  35 #include "ssh-sandbox.h"
  36 #include "xmalloc.h"
  37
  38 /* Minimal sandbox that sets zero nfiles, nprocs and filesize rlimits */
  39
  40 struct ssh_sandbox {
  41         pid_t child_pid;
  42 };
  43
  44 struct ssh_sandbox *
  45 ssh_sandbox_init(struct monitor *monitor)
  46 {
  47         struct ssh_sandbox *box;
  48
  49         /*
  50          * Strictly, we don't need to maintain any state here but we need
  51          * to return non-NULL to satisfy the API.
  52          */
  53         debug3("%s: preparing rlimit sandbox", __func__);
  54         box = xcalloc(1, sizeof(*box));
  55         box->child_pid = 0;
  56
  57         return box;
  58 }
  59
  60 void
  61 ssh_sandbox_child(struct ssh_sandbox *box)
  62 {
  63         struct rlimit rl_zero;
  64
  65         rl_zero.rlim_cur = rl_zero.rlim_max = 0;
  66
  67 #ifndef SANDBOX_SKIP_RLIMIT_FSIZE
  68         if (setrlimit(RLIMIT_FSIZE, &rl_zero) == -1)
  69                 fatal("%s: setrlimit(RLIMIT_FSIZE, { 0, 0 }): %s",
  70                         __func__, strerror(errno));
  71 #endif
  72 #ifndef SANDBOX_SKIP_RLIMIT_NOFILE
  73         if (setrlimit(RLIMIT_NOFILE, &rl_zero) == -1)
  74                 fatal("%s: setrlimit(RLIMIT_NOFILE, { 0, 0 }): %s",
  75                         __func__, strerror(errno));
  76 #endif
  77 #ifdef HAVE_RLIMIT_NPROC
  78         if (setrlimit(RLIMIT_NPROC, &rl_zero) == -1)
  79                 fatal("%s: setrlimit(RLIMIT_NPROC, { 0, 0 }): %s",
  80                         __func__, strerror(errno));
  81 #endif
  82 }
  83
  84 void
  85 ssh_sandbox_parent_finish(struct ssh_sandbox *box)
  86 {
  87         free(box);
  88         debug3("%s: finished", __func__);
  89 }
  90
  91 void
  92 ssh_sandbox_parent_preauth(struct ssh_sandbox *box, pid_t child_pid)
  93 {
  94         box->child_pid = child_pid;
  95 }
  96
  97 #endif /* SANDBOX_RLIMIT */