merge clone variants
[trinity.git] / uid.c
blob6a7e65a6a7221fc7b4563c2abf65bd9468fe2550
1 #include <errno.h>
2 #include <stdio.h>
3 #include <stdlib.h>
4 #include <string.h>
5 #include <unistd.h>
6 #include <sys/types.h>
7 #include <pwd.h>
8 #include <grp.h>
9 #include "log.h"
10 #include "params.h"
11 #include "uid.h"
/*
 * User ids: the real uid recorded at startup by init_uids(), and the uid of
 * the "nobody" account that drop_privs() switches to.
 *
 * These have static storage duration and no initializer, so they read as 0
 * (root) until init_uids() has run.
 */
uid_t orig_uid;
uid_t nobody_uid;

/* Matching group ids, filled in by init_uids() alongside the uids above. */
gid_t orig_gid;
gid_t nobody_gid;
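/*
 * Print the real, effective and saved uid/gid of the calling process.
 *
 * If either credential query fails, the error is reported and nothing else is
 * printed, so the id variables are never read uninitialized.
 */
void dump_uids(void)
{
	uid_t uid, euid, suid;
	gid_t gid, egid, sgid;

	if (getresuid(&uid, &euid, &suid) < 0 ||
	    getresgid(&gid, &egid, &sgid) < 0) {
		outputerr("Error reading process credentials (%s)\n", strerror(errno));
		return;
	}

	outputstd("initial uid:%d gid:%d euid:%d egid:%d suid:%d sgid:%d\n",
		uid, gid, euid, egid, suid, sgid);
}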
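/*
 * Permanently switch the process to the "nobody" account.
 *
 * The order matters (CERT POS36-C): the group ids and the supplementary group
 * list are changed while the process still has the privilege to do so, and
 * the uid is given up last. Any failure terminates the process instead of
 * carrying on with more privilege than intended.
 */
void drop_privs(void)
{
	uid_t ruid, euid, suid;
	gid_t rgid, egid, sgid;

	/*
	 * nobody_uid/nobody_gid are 0 until init_uids() has filled them in, and
	 * would also be 0 if "nobody" resolved to root. In either case the calls
	 * below would succeed while leaving the process fully privileged.
	 */
	if (nobody_uid == 0 || nobody_gid == 0) {
		outputerr("Refusing to drop privileges to uid:%d gid:%d\n", nobody_uid, nobody_gid);
		exit(EXIT_FAILURE);
	}

	if (setresgid(nobody_gid, nobody_gid, nobody_gid) < 0) {
		outputerr("Error setting nobody gid (%s)\n", strerror(errno));
		exit(EXIT_FAILURE);
	}

	if (setgroups(0, NULL) == -1) {
		outputerr("Error dropping supplemental groups (%s)\n", strerror(errno));
		exit(EXIT_FAILURE);
	}

	if (setresuid(nobody_uid, nobody_uid, nobody_uid) < 0) {
		outputerr("Error setting nobody uid (%s)\n", strerror(errno));
		exit(EXIT_FAILURE);
	}

	/* Read the credentials back and confirm the drop took effect (CERT POS37-C). */
	if (getresuid(&ruid, &euid, &suid) < 0 ||
	    getresgid(&rgid, &egid, &sgid) < 0) {
		outputerr("Error reading back credentials (%s)\n", strerror(errno));
		exit(EXIT_FAILURE);
	}

	if (ruid != nobody_uid || euid != nobody_uid || suid != nobody_uid ||
	    rgid != nobody_gid || egid != nobody_gid || sgid != nobody_gid) {
		outputerr("Privilege drop did not take effect\n");
		exit(EXIT_FAILURE);
	}

	outputstd("set uid to %d and gid to %d (nobody)\n", nobody_uid, nobody_gid);
}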
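/*
 * Record the real uid/gid the process started with and look up the uid/gid
 * of the "nobody" account.
 *
 * Exits with EXIT_FAILURE when the account cannot be resolved.
 */
void init_uids(void)
{
	struct passwd *passwd;

	orig_uid = getuid();
	orig_gid = getgid();

	/*
	 * getpwnam() returns NULL both on error and when no entry matches, and
	 * only the error case sets errno. Clear it first so a stale value is
	 * not reported as the reason.
	 */
	errno = 0;
	passwd = getpwnam("nobody");
	if (passwd == NULL) {
		outputerr("Error getting nobody pwent (%s)\n",
			errno != 0 ? strerror(errno) : "no such user");
		exit(EXIT_FAILURE);
	}

	nobody_uid = passwd->pw_uid;
	nobody_gid = passwd->pw_gid;
}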
/*
 * Gate a run that was started as root.
 *
 * Returns immediately when orig_uid is not 0. Otherwise:
 *   - with --dangerous, print a warning about running as root;
 *   - without --dangerous and without --dropprivs, print a hint and exit;
 *   - with --dropprivs only, announce the switch to the nobody account.
 * Unless it exited, it then counts down ten seconds so the operator can
 * interrupt before anything runs.
 */
void do_uid0_check(void)
{
	unsigned int remaining = 10;

	/* An unprivileged start needs no confirmation. */
	if (orig_uid != 0)
		return;

	if (dangerous == TRUE) {
		outputstd("DANGER: RUNNING AS ROOT.\n");
		outputstd("Unless you are running in a virtual machine, this could cause serious problems such as overwriting CMOS\n");
		outputstd("or similar which could potentially make this machine unbootable without a firmware reset.\n");
		outputstd("You might want to check out running with --dropprivs (currently experimental).\n\n");
	} else if (dropprivs == FALSE) {
		/* Root without either opt-in flag: refuse to continue. */
		outputstd("Don't run as root (or pass --dangerous, or --dropprivs if you know what you are doing).\n");
		exit(EXIT_FAILURE);
	} else {
		outputstd("--dropprivs is still in development, and really shouldn't be used unless you're helping development. Expect crashes.\n");
		outputstd("Going to run as user nobody (uid:%d gid:%d)\n", nobody_uid, nobody_gid);
	}

	outputstd("ctrl-c now unless you really know what you are doing.\n");
	while (remaining > 0) {
		outputstd("Continuing in %d seconds.\r", remaining);
		/* The line ends in \r, not \n, so flush to make the countdown visible. */
		(void)fflush(stdout);
		sleep(1);
		remaining--;
	}
}
/*
 * Terminate the process if its real uid is no longer the expected one.
 *
 * Nothing is checked when the run started as root (orig_uid == 0). With
 * --dropprivs the expected uid is nobody_uid; otherwise it is orig_uid.
 * A uid of 65534 is tolerated in both cases. On a mismatch the reason is
 * stored in shm->exit_reason and the process leaves through _exit().
 *
 * NOTE(review): only the real uid from getuid() is compared, so a change that
 * touches just the effective or saved uid is not detected here.
 * NOTE(review): 65534 is hard-coded; presumably it is the default value of
 * /proc/sys/kernel/overflowuid. Confirm on hosts where that sysctl is changed.
 */
void check_uid(void)
{
	uid_t current;

	/* If we were root, then obviously setuid() will change us, so don't even check. */
	if (orig_uid == 0)
		return;

	current = getuid();

	if (dropprivs == TRUE) {
		/* we should be 'nobody' if we ran with --dropprivs */
		if (current == nobody_uid)
			return;
	} else if (current == orig_uid) {
		return;
	}

	/* unshare() can change us to /proc/sys/kernel/overflowuid */
	if (current == 65534)
		return;

	output(0, "uid changed! Was: %d, now %d\n", orig_uid, current);

	shm->exit_reason = EXIT_UID_CHANGED;
	_exit(EXIT_FAILURE);
}