Пример #1
0
int zuluCryptCanOpenPathForReading( const char * path,uid_t uid )
{
	return path_is_accessible( path,uid,ZULUCRYPTread ) ;
}
Пример #2
0
int zuluCryptCanOpenPathForWriting( const char * path,uid_t uid )
{
	return path_is_accessible( path,uid,ZULUCRYPTwrite ) ;
}
Пример #3
0
static void
_check_auth_client_dir (const char *dir, int got_force)
{
#if defined(AUTH_METHOD_RECVFD_MKFIFO) || defined(AUTH_METHOD_RECVFD_MKNOD)
    int          got_symlink;
    struct stat  st;
    int          n;
    char         dirdir [PATH_MAX];
    char         ebuf [1024];

    if ((dir == NULL) || (*dir == '\0')) {
        log_err (EMUNGE_SNAFU, LOG_ERR,
            "The auth client dir name is undefined");
    }
    /*  Check directory permissions and whatnot.
     */
    got_symlink = (lstat (dir, &st) == 0) ? S_ISLNK (st.st_mode) : 0;

    if (stat (dir, &st) < 0) {
        log_errno (EMUNGE_SNAFU, LOG_ERR,
            "Failed to check auth client dir \"%s\"", dir);
    }
    if (!S_ISDIR (st.st_mode) || got_symlink) {
        if (!got_force || !got_symlink)
            log_err (EMUNGE_SNAFU, LOG_ERR,
                "The auth client dir is insecure: "
                "\"%s\" must be a directory", dir);
        else
            log_msg (LOG_WARNING,
                "The auth client dir is insecure: "
                "\"%s\" should not be a symlink", dir);
    }
    if ((st.st_uid != 0) && (st.st_uid != geteuid ())) {
        if (!got_force)
            log_err (EMUNGE_SNAFU, LOG_ERR,
                "The auth client dir is insecure: "
                "invalid ownership of \"%s\"", dir);
        else
            log_msg (LOG_WARNING,
                "The auth client dir is insecure: "
                "invalid ownership of \"%s\"", dir);
    }
    if ((st.st_mode & (S_IWUSR | S_IWGRP | S_IWOTH | S_ISVTX))
            != (S_IWUSR | S_IWGRP | S_IWOTH | S_ISVTX)) {
        log_err (EMUNGE_SNAFU, LOG_ERR,
            "The auth client dir is insecure: "
            "\"%s\" must be writable by all with the sticky bit set", dir);
    }
    /*  Ensure auth client parent dir is secure against modification by others.
     */
    if (path_dirname (dir, dirdir, sizeof (dirdir)) < 0) {
        log_err (EMUNGE_SNAFU, LOG_ERR,
            "Failed to determine dirname of auth client dir \"%s\"", dir);
    }
    n = path_is_secure (dirdir, ebuf, sizeof (ebuf));
    if (n < 0) {
        log_err (EMUNGE_SNAFU, LOG_ERR,
            "Failed to check auth client parent dir \"%s\": %s", dirdir, ebuf);
    }
    else if ((n == 0) && (!got_force)) {
        log_err (EMUNGE_SNAFU, LOG_ERR,
            "The auth client dir is insecure: %s", ebuf);
    }
    else if (n == 0) {
        log_msg (LOG_WARNING,
            "The auth client dir is insecure: %s", ebuf);
    }
    /*  Ensure auth client dir is accessible by all.
     */
    n = path_is_accessible (dir, ebuf, sizeof (ebuf));
    if (n < 0) {
        log_err (EMUNGE_SNAFU, LOG_ERR,
            "Failed to check auth client dir \"%s\": %s", dir, ebuf);
    }
    else if ((n == 0) && (!got_force)) {
        log_err (EMUNGE_SNAFU, LOG_ERR,
            "The auth client dir is inaccessible: %s", ebuf);
    }
    else if (n == 0) {
        log_msg (LOG_WARNING,
            "The auth client dir is inaccessible: %s", ebuf);
    }
#endif /* AUTH_METHOD_RECVFD_MKFIFO || AUTH_METHOD_RECVFD_MKNOD */
    return;
}
Пример #4
0
static void
_check_auth_server_dir (const char *dir, int got_force)
{
#if defined(AUTH_METHOD_RECVFD_MKFIFO) || defined(AUTH_METHOD_RECVFD_MKNOD)
    int          got_symlink;
    struct stat  st;
    int          n;
    char         ebuf [1024];

    if ((dir == NULL) || (*dir == '\0')) {
        log_err (EMUNGE_SNAFU, LOG_ERR,
            "The auth server dir name is undefined");
    }
    /*  Check directory permissions and whatnot.
     */
    got_symlink = (lstat (dir, &st) == 0) ? S_ISLNK (st.st_mode) : 0;

    if (stat (dir, &st) < 0) {
        log_errno (EMUNGE_SNAFU, LOG_ERR,
            "Failed to stat auth server dir \"%s\"", dir);
    }
    if (!S_ISDIR (st.st_mode) || got_symlink) {
        if (!got_force || !got_symlink)
            log_err (EMUNGE_SNAFU, LOG_ERR,
                "The auth server dir is insecure: "
                "\"%s\" must be a directory", dir);
        else
            log_msg (LOG_WARNING,
                "The auth server dir is insecure: "
                "\"%s\" should not be a symlink", dir);
    }
    if (st.st_uid != geteuid ()) {
        log_err (EMUNGE_SNAFU, LOG_ERR,
            "The auth server dir is insecure: "
            "\"%s\" must be owned by UID %u", dir, (unsigned) geteuid ());
    }
    if (!(st.st_mode & S_IWUSR)) {
        log_err (EMUNGE_SNAFU, LOG_ERR,
            "The auth server dir is insecure: "
            "\"%s\" must be writable by user", dir);
    }
    if (st.st_mode & (S_IRGRP | S_IROTH)) {
        if (!got_force)
            log_err (EMUNGE_SNAFU, LOG_ERR,
                "The auth server dir is insecure: "
                "\"%s\" should not be readable by group or world", dir);
        else
            log_msg (LOG_WARNING,
                "The auth server dir is insecure: "
                "\"%s\" should not be readable by group or world", dir);
    }
    /*  Ensure auth server dir is secure against modification by others.
     */
    n = path_is_secure (dir, ebuf, sizeof (ebuf));
    if (n < 0) {
        log_err (EMUNGE_SNAFU, LOG_ERR,
            "Failed to check auth server dir \"%s\": %s", dir, ebuf);
    }
    else if ((n == 0) && (!got_force)) {
        log_err (EMUNGE_SNAFU, LOG_ERR,
            "The auth server dir is insecure: %s", ebuf);
    }
    else if (n == 0) {
        log_msg (LOG_WARNING,
            "The auth server dir is insecure: %s", ebuf);
    }
    /*  Ensure auth server dir is accessible by all.
     */
    n = path_is_accessible (dir, ebuf, sizeof (ebuf));
    if (n < 0) {
        log_err (EMUNGE_SNAFU, LOG_ERR,
            "Failed to check auth server dir \"%s\": %s", dir, ebuf);
    }
    else if ((n == 0) && (!got_force)) {
        log_err (EMUNGE_SNAFU, LOG_ERR,
            "The auth server dir is inaccessible: %s", ebuf);
    }
    else if (n == 0) {
        log_msg (LOG_WARNING,
            "The auth server dir is inaccessible: %s", ebuf);
    }
#endif /* AUTH_METHOD_RECVFD_MKFIFO || AUTH_METHOD_RECVFD_MKNOD */
    return;
}
Пример #5
0
static void
sock_create (conf_t conf)
{
    char                sockdir [PATH_MAX];
    char                ebuf [1024];
    int                 n;
    int                 sd;
    struct sockaddr_un  addr;
    mode_t              mask;
    int                 rv;

    assert (conf != NULL);

    if ((conf->socket_name == NULL) || (*conf->socket_name == '\0')) {
        log_err (EMUNGE_SNAFU, LOG_ERR, "MUNGE socket name is undefined");
    }
    /*  Ensure socket dir is secure against modification by others.
     */
    if (path_dirname (conf->socket_name, sockdir, sizeof (sockdir)) < 0) {
        log_err (EMUNGE_SNAFU, LOG_ERR,
            "Failed to determine dirname of socket \"%s\"", conf->socket_name);
    }
    n = path_is_secure (sockdir, ebuf, sizeof (ebuf));
    if (n < 0) {
        log_err (EMUNGE_SNAFU, LOG_ERR,
            "Failed to check socket dir \"%s\": %s", sockdir, ebuf);
    }
    else if ((n == 0) && (!conf->got_force)) {
        log_err (EMUNGE_SNAFU, LOG_ERR, "Socket is insecure: %s", ebuf);
    }
    else if (n == 0) {
        log_msg (LOG_WARNING, "Socket is insecure: %s", ebuf);
    }
    /*  Ensure socket dir is accessible by all.
     */
    n = path_is_accessible (sockdir, ebuf, sizeof (ebuf));
    if (n < 0) {
        log_err (EMUNGE_SNAFU, LOG_ERR,
            "Failed to check socket dir \"%s\": %s", sockdir, ebuf);
    }
    else if ((n == 0) && (!conf->got_force)) {
        log_err (EMUNGE_SNAFU, LOG_ERR, "Socket is inaccessible: %s", ebuf);
    }
    else if (n == 0) {
        log_msg (LOG_WARNING, "Socket is inaccessible: %s", ebuf);
    }
    /*  Create lockfile for exclusive access to the socket.
     */
    sock_lock (conf);
    /*
     *  Create socket for communicating with clients.
     */
    if ((sd = socket (PF_UNIX, SOCK_STREAM, 0)) < 0) {
        log_errno (EMUNGE_SNAFU, LOG_ERR, "Failed to create socket");
    }
    memset (&addr, 0, sizeof (addr));
    addr.sun_family = AF_UNIX;
    n = strlcpy (addr.sun_path, conf->socket_name, sizeof (addr.sun_path));
    if (n >= sizeof (addr.sun_path)) {
        log_err (EMUNGE_SNAFU, LOG_ERR,
            "Exceeded maximum length of socket pathname");
    }
    /*  Ensure socket is accessible by all.
     */
    mask = umask (0);
    rv = bind (sd, (struct sockaddr *) &addr, sizeof (addr));
    umask (mask);

    if (rv < 0) {
        log_errno (EMUNGE_SNAFU, LOG_ERR,
            "Failed to bind \"%s\"", conf->socket_name);
    }
    if (listen (sd, MUNGE_SOCKET_BACKLOG) < 0) {
        log_errno (EMUNGE_SNAFU, LOG_ERR,
            "Failed to listen on \"%s\"", conf->socket_name);
    }
    conf->ld = sd;
    return;
}