Пример #1
0
void test_self(void)
{
/* We're supposed to be setuid. Verify. */

  int status;
  pid_t childpid;

  subtest = 1;

  if (issetugid() != 1) e(1);
  childpid = fork();
  if (childpid == -1) e(2);
  else if (childpid == 0) {
	/* We're the child and should inherit the tainted status of the parent
	 */
	if (issetugid() != 1) e(3);

	/* Let's change to the bin user */
	if (setuid((uid_t) 2) != 0) e(4);
	if (getuid() != (uid_t) 2) e(5);

	/* At this point, taint status should not have changed. */
	if (issetugid() != 1) e(6);

	exit(EXIT_SUCCESS);
  } else {
	/* We're the parent. Wait for the child to finish */
	wait(&status);
  }
}
Пример #2
0
// Set the fallBackToHome parameter to true if we should fall back to the HOME environment variable if all else fails. Otherwise return NULL.
static CFURLRef _CFCopyHomeDirURLForUser(const char *username, bool fallBackToHome) {
    const char *fixedHomePath = issetugid() ? NULL : __CFgetenv("CFFIXED_USER_HOME");
    const char *homePath = NULL;
    
    // Calculate the home directory we will use
    // First try CFFIXED_USER_HOME (only if not setugid), then fall back to the upwd, then fall back to HOME environment variable
    CFURLRef home = NULL;
    if (!issetugid() && fixedHomePath) home = CFURLCreateFromFileSystemRepresentation(kCFAllocatorSystemDefault, (uint8_t *)fixedHomePath, strlen(fixedHomePath), true);
    if (!home) {
        struct passwd *upwd = NULL;
        if (username) {
            upwd = getpwnam(username);
        } else {
            uid_t euid;
            __CFGetUGIDs(&euid, NULL);
            upwd = getpwuid(euid ?: getuid());
        }
        if (upwd && upwd->pw_dir) {
            home = CFURLCreateFromFileSystemRepresentation(kCFAllocatorSystemDefault, (uint8_t *)upwd->pw_dir, strlen(upwd->pw_dir), true);
        }
    }
    if (fallBackToHome && !home) homePath = __CFgetenv("HOME");
    if (fallBackToHome && !home && homePath) home = CFURLCreateFromFileSystemRepresentation(kCFAllocatorSystemDefault, (uint8_t *)homePath, strlen(homePath), true);
    
    return home;
}
/*
 * hesiod_init --
 *	initialize a hesiod_p.
 */
int 
hesiod_init(void **context)
{
	struct hesiod_p	*ctx;
	const char	*p, *configname;
	int serrno;

	_DIAGASSERT(context != NULL);

	ctx = calloc(1, sizeof(struct hesiod_p));
	if (ctx) {
		*context = ctx;
		/*
		 * don't permit overrides from environment
		 * for set.id programs
		 */
		if (issetugid())
			configname = NULL;
		else
			configname = getenv("HESIOD_CONFIG");
		if (!configname)
			configname = _PATH_HESIOD_CONF;
		if (read_config_file(ctx, configname) >= 0) {
			/*
			 * The default rhs can be overridden by an
			 * environment variable, unless set.id.
			 */
			if (issetugid())
				p = NULL;
			else
				p = getenv("HES_DOMAIN");
			if (p) {
				if (ctx->rhs)
					free(ctx->rhs);
				ctx->rhs = malloc(strlen(p) + 2);
				if (ctx->rhs) {
					*ctx->rhs = '.';
					strcpy(ctx->rhs + 1,
					    (*p == '.') ? p + 1 : p);
					return 0;
				} else
					errno = ENOMEM;
			} else
				return 0;
		}
	} else
		errno = ENOMEM;

	serrno = errno;
	if (ctx) {
		if (ctx->lhs)
			free(ctx->lhs);
		if (ctx->rhs)
			free(ctx->rhs);
		free(ctx);
	}
	errno = serrno;
	return -1;
}
Пример #4
0
void test_effugid(void)
{
/* Test taint status with different effective uid and gid */
  pid_t childpid;
  int status;

  subtest = 6;

  /* Start with effective uid */
  childpid = fork();
  if (childpid == (pid_t) -1) e(1);
  else if (childpid == 0) {
	/* We're the child */

	/* We should be tainted */
	if (issetugid() != 1) e(2);

	/* Now execute a program without set{u,g}id; should not be tainted */
	system("chmod 755 nobits");
	if (execute("nobits", "0000") != 0) e(3);

	/* Change effective uid into current+42 and try nobits again. This time
	 * it should be tainted */
	if (seteuid(geteuid() + 42) != 0) e(4);
	if (execute("nobits", "0000") != 1) e(5);
	exit(EXIT_SUCCESS);
  } else {
	/* We're the parent, wait for the child to finish */
	wait(&status);
  }

  /* Now test effective gid */
  childpid = fork();
  if (childpid == (pid_t) -1) e(1);
  else if (childpid == 0) {
	/* We're the child */

	/* We should be tainted */
	if (issetugid() != 1) e(2);

	/* Now execute a program without set{u,g}id; should not be tainted */
	system("chmod 755 nobits");
	if (execute("nobits", "0000") != 0) e(3);

	/* Change effective gid into current+42 and try nobits again. This time
	 * it should be tainted */
	if (seteuid(getegid() + 42) != 0) e(4);
	if (execute("nobits", "0000") != 1) e(5);
	exit(EXIT_SUCCESS);
  } else {
	/* We're the parent, wait for the child to finish */
	wait(&status);
  }
}
Пример #5
0
/*
 * Set the current process's credentials to match the passed credential.
 */
static int
cred_set(struct cred *cred)
{
    int error;

    error = setresuid(cred->cr_ruid, cred->cr_euid, cred->cr_svuid);
    if (error)
        return (error);

    error = setugid(cred->cr_issetugid);
    if (error) {
        perror("__setugid");
        return (error);
    }

#ifdef CHECK_CRED_SET
    {
        uid_t ruid, euid, svuid;
        error = getresuid(&ruid, &euid, &svuid);
        if (error) {
            perror("getresuid");
            return (-1);
        }
        assert(ruid == cred->cr_ruid);
        assert(euid == cred->cr_euid);
        assert(svuid == cred->cr_svuid);
        assert(cred->cr_issetugid == issetugid());
    }
#endif /* !CHECK_CRED_SET */

    return (0);
}
Пример #6
0
struct mio_hdl *
mio_open(const char *str, unsigned int mode, int nbio)
{
	static char portany[] = MIO_PORTANY;
	struct mio_hdl *hdl;

#ifdef DEBUG
	_sndio_debug_init();
#endif
	if ((mode & (MIO_OUT | MIO_IN)) == 0)
		return NULL;
	if (str == NULL) /* backward compat */
		str = portany;
	if (strcmp(str, portany) == 0 && !issetugid()) {
		str = getenv("MIDIDEVICE");
		if (str == NULL)
			str = portany;
	}
	if (strcmp(str, portany) == 0) {
		hdl = _mio_aucat_open("midithru/0", mode, nbio);
		if (hdl != NULL)
			return hdl;
		return _mio_rmidi_open("rmidi/0", mode, nbio);
	}
	if (_sndio_parsetype(str, "snd") ||
	    _sndio_parsetype(str, "midithru") ||
	    _sndio_parsetype(str, "midi"))
		return _mio_aucat_open(str, mode, nbio);
	if (_sndio_parsetype(str, "rmidi"))
		return _mio_rmidi_open(str, mode, nbio);
	DPRINTF("mio_open: %s: unknown device type\n", str);
	return NULL;
}
Пример #7
0
void test_pid(void)
{
  pid_t pid;
  int   sc;

  pid = getpid();
  printf( "getpid = %d\n", pid );

  pid = __getpid();
  printf( "__getpid = %d\n", pid );

  pid = getppid();
  printf( "getppid = %d\n", pid );

  puts( "setsid - EPERM" );
  pid = setsid();
  rtems_test_assert( pid == -1 );
  rtems_test_assert( errno == EPERM );

  sc = issetugid();
  rtems_test_assert( sc == 0 );

  puts( "getpgrp - return local node - OK" );
  pid = getpgrp();
  printf( "getpgrp returned %d\n", pid ); 
}
Пример #8
0
struct sio_hdl *
sio_open(const char *str, unsigned int mode, int nbio)
{
    static char devany[] = SIO_DEVANY;
    struct sio_hdl *hdl;
    const char *p;

#ifdef DEBUG
    _sndio_debug_init();
#endif
    if ((mode & (SIO_PLAY | SIO_REC)) == 0)
        return NULL;
    if (str == NULL) /* backward compat */
        str = devany;
    if (strcmp(str, devany) == 0 && !issetugid()) {
        str = getenv("AUDIODEVICE");
        if (str == NULL)
            str = devany;
    }
    if (strcmp(str, devany) == 0) {
        hdl = _sio_aucat_open("/0", mode, nbio);
        if (hdl != NULL)
            return hdl;
        return _sio_sun_open("/0", mode, nbio);
    }
    if ((p = _sndio_parsetype(str, "snd")) != NULL ||
            (p = _sndio_parsetype(str, "aucat")) != NULL)
        return _sio_aucat_open(p, mode, nbio);
    if ((p = _sndio_parsetype(str, "rsnd")) != NULL ||
            (p = _sndio_parsetype(str, "sun")) != NULL) {
        return _sio_sun_open(p, mode, nbio);
    }
    DPRINTF("sio_open: %s: unknown device type\n", str);
    return NULL;
}
Пример #9
0
int
_citrus_load_module(_citrus_module_t *rhandle, const char *encname)
{
	const char *p;
	char path[PATH_MAX];
	void *handle;
	int maj, min;

	if (_pathI18nModule == NULL) {
		p = getenv("PATH_I18NMODULE");
		if (p != NULL && !issetugid()) {
			_pathI18nModule = strdup(p);
			if (_pathI18nModule == NULL)
				return (ENOMEM);
		} else
			_pathI18nModule = _PATH_I18NMODULE;
	}

	(void)snprintf(path, sizeof(path), "lib%s", encname);
	maj = I18NMODULE_MAJOR;
	min = -1;
	p = _findshlib(path, &maj, &min);
	if (!p)
		return (EINVAL);
	handle = libc_dlopen(p, RTLD_LAZY);
	if (!handle) {
		printf("%s", dlerror());
		return (EINVAL);
	}

	*rhandle = (_citrus_module_t)handle;

	return (0);
}
Пример #10
0
static void
uu_die_internal(int status, const char *format, va_list alist)
{
	uu_warn_internal(errno, format, alist);
#ifdef DEBUG
	{
		char *cp;

#if 0
		if (!issetugid()) {
#else
                if (!!(geteuid() == 0)) {
#endif
			cp = getenv("UU_DIE_ABORTS");
			if (cp != NULL && *cp != '\0')
				abort();
		}
	}
#endif
	exit(status);
}

void
uu_vdie(const char *format, va_list alist)
{
	uu_die_internal(UU_EXIT_FATAL, format, alist);
}
Пример #11
0
Bool
Id_IsSetUGid(void)
{
#if defined(__APPLE__) || defined(__FreeBSD__) || defined(sun)
   uid_t ruid = getuid();
   uid_t euid = geteuid();
   gid_t rgid = getgid();
   gid_t egid = getegid();

   return issetugid() == 1 || ruid != euid || rgid != egid;
#elif defined(__linux__)
   uid_t ruid, euid, suid;
   gid_t rgid, egid, sgid;

   /* We want to make sure that this call always succeeds. */
   if (IdGetRESUid(&ruid, &euid, &suid) != 0 ||
       IdGetRESGid(&rgid, &egid, &sgid) != 0) {
      return TRUE; /* Conservative */
   }

   return IdIsSetUGid() ||
          ruid != euid || ruid != suid ||
          rgid != egid || rgid != sgid;
#else
   return TRUE; /* Conservative */
#endif
}
Пример #12
0
int
main(int argc, const char *argv[])
{
	struct kinfo_proc	 kproc;
	struct passwd		*pw;

	if ((pw = getpwnam(_SETUID_REGRESS_USER)) == NULL)
		err(1, "unknown user \"%s\"", _SETUID_REGRESS_USER);

	/*
	 * From the setuid man page:
	 *   The setuid() function sets the real and effective user IDs
	 *   and the saved set-user-ID of the current process
	 */
	if (setuid(pw->pw_uid) == -1)
		err(1, "setuid");
	checkuids(pw->pw_uid, pw->pw_uid, pw->pw_uid, "getresuid");

	/* should only respond to setuid upon exec */
	if (issetugid())
		errx(1, "process incorrectly marked as issetugid()");

	if (read_kproc_pid(&kproc, getpid()) == -1)
		err(1, "kproc read failed");

	if (!(kproc.p_psflags & PS_SUGID))
		errx(1, "PS_SUGID not set");
	if (kproc.p_psflags & PS_SUGIDEXEC)
		errx(1, "PS_SUGIDEXEC incorrectly set");

	exit(0);
}
Пример #13
0
const char *_CFProcessPath(void) {
    if (__CFProcessPath) return __CFProcessPath;
#if DEPLOYMENT_TARGET_MACOSX
    if (!issetugid()) {
	const char *path = (char *)__CFgetenv("CFProcessPath");
	if (path) {
	    __CFProcessPath = strdup(path);
	    __CFprogname = strrchr(__CFProcessPath, PATH_SEP);
	    __CFprogname = (__CFprogname ? __CFprogname + 1 : __CFProcessPath);
	    return __CFProcessPath;
	}
    }
#endif
    uint32_t size = CFMaxPathSize;
    char buffer[size];
    if (0 == _NSGetExecutablePath(buffer, &size)) {
	__CFProcessPath = strdup(buffer);
	__CFprogname = strrchr(__CFProcessPath, PATH_SEP);
	__CFprogname = (__CFprogname ? __CFprogname + 1 : __CFProcessPath);
    }
    if (!__CFProcessPath) {
	__CFProcessPath = "";
        __CFprogname = __CFProcessPath;
    }
    return __CFProcessPath;
}
Пример #14
0
char *
secure_getenv (char const *name)
{
#if HAVE___SECURE_GETENV /* glibc */
  return __secure_getenv (name);
#elif HAVE_ISSETUGID /* OS X, FreeBSD, NetBSD, OpenBSD */
  if (issetugid ())
    return NULL;
  return getenv (name);
#elif HAVE_GETUID && HAVE_GETEUID && HAVE_GETGID && HAVE_GETEGID /* other Unix */
  if (geteuid () != getuid () || getegid () != getgid ())
    return NULL;
  return getenv (name);
#elif (defined _WIN32 || defined __WIN32__) && ! defined __CYGWIN__ /* native Windows */
  /* On native Windows, there is no such concept as setuid or setgid binaries.
     - Programs launched as system services have high privileges, but they don't
       inherit environment variables from a user.
     - Programs launched by a user with "Run as Administrator" have high
       privileges and use the environment variables, but the user has been asked
       whether he agrees.
     - Programs launched by a user without "Run as Administrator" cannot gain
       high privileges, therefore there is no risk. */
  return getenv (name);
#else
  return NULL;
#endif
}
Пример #15
0
static int
tmp(void)
{
	sigset_t set, oset;
	size_t len;
	int fd;
	char *envtmp;
	char path[PATH_MAX];

#if HAVE_ISSETUGID
	if (issetugid())
		envtmp = NULL;
	else
#endif
		envtmp = getenv("TMPDIR");

	len = snprintf(path,
	    sizeof(path), "%s/bt.XXXXXX", envtmp ? envtmp : _PATH_TMP);
	if (len >= sizeof(path))
		return -1;
	
	(void)sigfillset(&set);
	(void)sigprocmask(SIG_BLOCK, &set, &oset);
	if ((fd = mkstemp(path)) != -1) {
		(void)unlink(path);
		(void)fcntl(fd, F_SETFD, FD_CLOEXEC);
	}
	(void)sigprocmask(SIG_SETMASK, &oset, NULL);
	return(fd);
}
Пример #16
0
XPC_RETURNS_RETAINED
static xpc_pipe_t
_od_xpc_pipe(bool resetPipe)
{
	static dispatch_once_t once;
	xpc_pipe_t result = NULL;

#ifdef __i386__
	if (xpc_pipe_create == NULL) {
		_si_disable_opendirectory();
		return NULL;
	}
#endif

	dispatch_once(&once, ^(void) {
		char *rc_xbs;
		
		/* if this is a build environment we ignore opendirectoryd */
		rc_xbs = getenv("RC_XBS");
		if ((issetugid() == 0) && (rc_xbs != NULL) && (strcmp(rc_xbs, "YES") == 0)) {
			_si_opendirectory_disabled = 1;
			return;
		}

		pthread_atfork(_od_fork_prepare, _od_fork_parent, _od_fork_child);
	});
Пример #17
0
/*
 * Check for environment variables altering the configuration as described
 * in resolv.conf(5).  Although not documented there, this feature is disabled
 * for setuid/setgid programs.
 */
static void
asr_ctx_envopts(struct asr_ctx *ac)
{
	char	buf[4096], *e;
	size_t	s;

	if (issetugid()) {
		ac->ac_options |= RES_NOALIASES;
		return;
	}

	if ((e = getenv("RES_OPTIONS")) != NULL) {
		strlcpy(buf, "options ", sizeof buf);
		strlcat(buf, e, sizeof buf);
		s = strlcat(buf, "\n", sizeof buf);
		if (s < sizeof buf)
			asr_ctx_parse(ac, buf);
	}

	if ((e = getenv("LOCALDOMAIN")) != NULL) {
		strlcpy(buf, "search ", sizeof buf);
		strlcat(buf, e, sizeof buf);
		s = strlcat(buf, "\n", sizeof buf);
		if (s < sizeof buf)
			asr_ctx_parse(ac, buf);
	}
}
Пример #18
0
int acl_unsafe(void)
{
	return (geteuid() != getuid()
#ifdef HAS_ISSETUGID
		|| issetugid()
#endif
		|| getgid() != getegid());
}
int
main (void)
{
  int status;
  status = issetugid ();

  return 0;
}
Пример #20
0
/*
 * expand tilde from the passwd file.
 */
static const Char *
globtilde(const Char *pattern, Char *patbuf, size_t patbuf_len, glob_t *pglob)
{
	struct passwd *pwd;
	char *h;
	const Char *p;
	Char *b, *eb;

	if (*pattern != TILDE || !(pglob->gl_flags & GLOB_TILDE))
		return pattern;

	/* 
	 * Copy up to the end of the string or / 
	 */
	eb = &patbuf[patbuf_len - 1];
	for (p = pattern + 1, h = (char *) patbuf;
	    h < (char *)eb && *p && *p != SLASH; *h++ = *p++)
		continue;

	*h = EOS;

	if (((char *) patbuf)[0] == EOS) {
		/*
		 * handle a plain ~ or ~/ by expanding $HOME first (iff
		 * we're not running setuid or setgid) and then trying
		 * the password file
		 */
		if (issetugid() != 0 ||
		    (h = getenv("HOME")) == NULL) {
			if (((h = getlogin()) != NULL &&
			     (pwd = getpwnam(h)) != NULL) ||
			    (pwd = getpwuid(getuid())) != NULL)
				h = pwd->pw_dir;
			else
				return pattern;
		}
	}
	else {
		/*
		 * Expand a ~user
		 */
		if ((pwd = getpwnam((char*) patbuf)) == NULL)
			return pattern;
		else
			h = pwd->pw_dir;
	}

	/* Copy the home directory */
	for (b = patbuf; b < eb && *h; *b++ = *h++)
		continue;

	/* Append the rest of the pattern */
	while (b < eb && (*b++ = *p++) != EOS)
		continue;
	*b = EOS;

	return patbuf;
}
Пример #21
0
char *
tempnam(const char *dir, const char *pfx)
{
	int sverrno, len;
	char *f, *name;

	if (!(name = malloc(PATH_MAX)))
		return(NULL);

	if (!pfx)
		pfx = "tmp.";

	if (issetugid() == 0 && (f = getenv("TMPDIR")) && *f != '\0') {
		len = snprintf(name, PATH_MAX, "%s%s%sXXXXXXXXXX", f,
		    f[strlen(f) - 1] == '/' ? "" : "/", pfx);
		if (len < 0 || len >= PATH_MAX) {
			errno = ENAMETOOLONG;
			return(NULL);
		}
		if ((f = _mktemp(name)))
			return(f);
	}

	if (dir != NULL) {
		f = *dir ? (char *)dir : ".";
		len = snprintf(name, PATH_MAX, "%s%s%sXXXXXXXXXX", f,
		    f[strlen(f) - 1] == '/' ? "" : "/", pfx);
		if (len < 0 || len >= PATH_MAX) {
			errno = ENAMETOOLONG;
			return(NULL);
		}
		if ((f = _mktemp(name)))
			return(f);
	}

	f = P_tmpdir;
	len = snprintf(name, PATH_MAX, "%s%sXXXXXXXXX", f, pfx);
	if (len < 0 || len >= PATH_MAX) {
		errno = ENAMETOOLONG;
		return(NULL);
	}
	if ((f = _mktemp(name)))
		return(f);

	f = _PATH_TMP;
	len = snprintf(name, PATH_MAX, "%s%sXXXXXXXXX", f, pfx);
	if (len < 0 || len >= PATH_MAX) {
		errno = ENAMETOOLONG;
		return(NULL);
	}
	if ((f = _mktemp(name)))
		return(f);

	sverrno = errno;
	free(name);
	errno = sverrno;
	return(NULL);
}
Пример #22
0
/*
 * "Started with special privileges" means "started out set-UID or set-GID",
 * or run as the root user or group.
 */
gboolean
started_with_special_privs(void)
{
	g_assert(init_process_policies_called);
#ifdef HAVE_ISSETUGID
	return issetugid();
#else
	return (ruid != euid || rgid != egid || ruid == 0 || rgid == 0);
#endif
}
Пример #23
0
void
umem_error_enter(const char *error_str)
{
#ifndef UMEM_STANDALONE
	if (umem_output && !issetugid())
		(void) write(UMEM_ERRFD, error_str, strlen(error_str));
#endif

	umem_log_enter(error_str, 1);
}
Пример #24
0
char *
secure_getenv (char const *name)
{
#if HAVE___SECURE_GETENV
  return __secure_getenv (name);
#else
  if (issetugid ())
    return 0;
  return getenv (name);
#endif
}
Пример #25
0
_nc_env_access(void)
{
#if HAVE_ISSETUGID
    if (issetugid())
	return FALSE;
#elif HAVE_GETEUID && HAVE_GETEGID
    if (getuid() != geteuid()
	|| getgid() != getegid())
	return FALSE;
#endif
    return getuid() != 0 && geteuid() != 0;	/* ...finally, disallow root */
}
Пример #26
0
/*
 * Return a process credential describing the current process.
 */
static int
cred_get(struct cred *cred)
{
    int error;

    error = getresuid(&cred->cr_ruid, &cred->cr_euid, &cred->cr_svuid);
    if (error)
        return (error);

    cred->cr_issetugid = issetugid();

    return (0);
}
Пример #27
0
/*
 * set the debug level from an environment string.  Bogus values are
 * silently ignored.
 */
void
_rthread_debug_init(void)
{
	char *envp;
	char *rem;

	if (issetugid())
		return;
	envp = getenv(RTHREAD_ENV_DEBUG);
	if (envp) {
		_rthread_debug_level = (int) strtol(envp, &rem, 0);
		if (*rem || _rthread_debug_level < 0)
			_rthread_debug_level = 0;
	}
}
Пример #28
0
static void *
poll_init(struct event_base *base)
{
	struct pollop *pollop;

	/* Disable poll when this environment variable is set */
	if (!issetugid() && getenv("EVENT_NOPOLL"))
		return (NULL);

	if (!(pollop = calloc(1, sizeof(struct pollop))))
		return (NULL);

	evsignal_init(base);

	return (pollop);
}
Пример #29
0
static __inline void
init_cache(void)
{
	rwlock_wrlock(&lock);
	if (!isinit) {
		_CITRUS_HASH_INIT(&shared_pool, CI_HASH_SIZE);
		TAILQ_INIT(&shared_unused);
		shared_max_reuse = -1;
		if (!issetugid() && getenv(CI_ENV_MAX_REUSE))
			shared_max_reuse = atoi(getenv(CI_ENV_MAX_REUSE));
		if (shared_max_reuse < 0)
			shared_max_reuse = CI_INITIAL_MAX_REUSE;
		isinit = true;
	}
	rwlock_unlock(&lock);
}
Пример #30
0
static void
uu_die_internal(int status, const char *format, va_list alist)
{
	uu_warn_internal(errno, format, alist);
#ifdef DEBUG
	{
		char *cp;

		if (!issetugid()) {
			cp = getenv("UU_DIE_ABORTS");
			if (cp != NULL && *cp != '\0')
				abort();
		}
	}
#endif
	exit(status);
}