search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
move_pages: just use calloc
[trinity.git] / uid.c
blobfbcf4744cb15a98cfb2bd34ee153cb9b1aba4b3a
1 #include <errno.h>
2 #include <stdio.h>
3 #include <stdlib.h>
4 #include <string.h>
5 #include <unistd.h>
6 #include <sys/types.h>
7 #include <pwd.h>
8 #include <grp.h>
9 #include "log.h"
10 #include "params.h"
11 #include "uid.h"
12
13 uid_t orig_uid;
14 gid_t orig_gid;
15
16 uid_t nobody_uid;
17 gid_t nobody_gid;
18
19 void dump_uids(void)
20 {
21 uid_t uid, euid, suid;
22 gid_t gid, egid, sgid;
23
24 getresuid(&uid, &euid, &suid);
25 getresgid(&gid, &egid, &sgid);
26
27 outputstd("initial uid:%d gid:%d euid:%d egid:%d suid:%d sgid:%d\n",
28 uid, gid, euid, egid, suid, sgid);
29 }
30
31 void drop_privs(void)
32 {
33 if (setresgid(nobody_gid, nobody_gid, nobody_gid) < 0) {
34 outputerr("Error setting nobody gid (%s)\n", strerror(errno));
35 exit(EXIT_FAILURE);
36 }
37
38 if (setgroups(0, NULL) == -1) {
39 outputerr("Error dropping supplemental groups (%s)\n", strerror(errno));
40 exit(EXIT_FAILURE);
41 }
42
43 if (setresuid(nobody_uid, nobody_uid, nobody_uid) < 0) {
44 outputerr("Error setting nobody uid (%s)\n", strerror(errno));
45 exit(EXIT_FAILURE);
46 }
47
48 outputstd("set uid to %d and gid to %d (nobody)\n", nobody_uid, nobody_gid);
49 }
50
51 void init_uids(void)
52 {
53 struct passwd *passwd;
54
55 orig_uid = getuid();
56 orig_gid = getgid();
57
58 if (dropprivs == FALSE)
59 return;
60
61 passwd = getpwnam("nobody");
62 if (passwd == NULL) {
63 outputerr("Error getting nobody pwent (%s)\n", strerror(errno));
64 exit(EXIT_FAILURE);
65 }
66 nobody_uid = passwd->pw_uid;
67 nobody_gid = passwd->pw_gid;
68 }
69
70
71 void do_uid0_check(void)
72 {
73 unsigned int i;
74
75 /* if we're already unprivileged, then don't worry. */
76 if (orig_uid != 0)
77 return;
78
79 if (dangerous == TRUE) {
80 outputstd("DANGER: RUNNING AS ROOT.\n");
81 outputstd("Unless you are running in a virtual machine, this could cause serious problems such as overwriting CMOS\n");
82 outputstd("or similar which could potentially make this machine unbootable without a firmware reset.\n");
83 outputstd("You might want to check out running with --dropprivs (currently experimental).\n\n");
84 } else {
85
86 if (dropprivs == FALSE) {
87 outputstd("Don't run as root (or pass --dangerous, or --dropprivs if you know what you are doing).\n");
88 exit(EXIT_FAILURE);
89 } else {
90 outputstd("--dropprivs is still in development, and really shouldn't be used unless you're helping development. Expect crashes.\n");
91 outputstd("Going to run as user nobody (uid:%d gid:%d)\n", nobody_uid, nobody_gid);
92 }
93 }
94
95 outputstd("ctrl-c now unless you really know what you are doing.\n");
96 for (i = 10; i > 0; i--) {
97 outputstd("Continuing in %d seconds.\r", i);
98 (void)fflush(stdout);
99 sleep(1);
100 }
101 }
102
103 void check_uid(void)
104 {
105 uid_t myuid;
106
107 /* If we were root, then obviously setuid() will change us, so don't even check. */
108 if (orig_uid == 0)
109 return;
110
111 myuid = getuid();
112
113 /* we should be 'nobody' if we ran with --dropprivs */
114 if (dropprivs == TRUE) {
115 if (myuid == nobody_uid)
116 return;
117 else
118 goto changed;
119 }
120
121 if (myuid != orig_uid) {
122
123 changed:
124 /* unshare() can change us to /proc/sys/kernel/overflowuid */
125 if (myuid == 65534)
126 return;
127
128 output(0, "uid changed! Was: %d, now %d\n", orig_uid, myuid);
129
130 shm->exit_reason = EXIT_UID_CHANGED;
131 _exit(EXIT_FAILURE);
132 }
133 }
Linux systemcall fuzzer