[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Drop root priviledges
|
From: |
Yuri Polyansky |
|
Subject: |
Drop root priviledges |
|
Date: |
Mon, 21 Oct 2002 00:43:42 +0300 (MSK ) |
HI!
Just in case you're interested. Here is a patch to drop root
priviliges.
Useful for security parnoids who don't believe your code unblowable
;-).
Thanks!
Cheers,
-up
diff -ur httptunnel-3.3/common.h httptunnel-3.3.secure/common.h
--- httptunnel-3.3/common.h Tue Jul 25 13:01:35 2000
+++ httptunnel-3.3.secure/common.h Sun Oct 20 23:50:36 2002
@@ -28,6 +28,7 @@
#define DEFAULT_KEEP_ALIVE 5 /* seconds */
#define DEFAULT_MAX_CONNECTION_AGE 300 /* seconds */
#define BUG_REPORT_EMAIL "bug-httptunnel@gnu.org"
+#define DEFAULT_UID 100
#ifndef TRUE
#define TRUE 1
diff -ur httptunnel-3.3/hts.c httptunnel-3.3.secure/hts.c
--- httptunnel-3.3/hts.c Sun Feb 25 14:56:37 2001
+++ httptunnel-3.3.secure/hts.c Mon Oct 21 00:41:15 2002
@@ -26,6 +26,7 @@
int forward_port;
size_t content_length;
char *pid_filename;
+ int uid;
int use_std;
int use_daemon;
int strict_content_length;
@@ -63,6 +64,7 @@
" open is SEC seconds (default is %d)\n"
" -s, --stdin-stdout use stdin/stdout for communication\n"
" (implies --no-daemon)\n"
+" -U, --uid setuid() to this uid\n"
" -S, --strict-content-length always write Content-Length bytes in
requests\n"
" -V, --version output version information and exit\n"
" -w, --no-daemon don't fork into the background\n"
@@ -93,6 +95,7 @@
arg->strict_content_length = FALSE;
arg->keep_alive = DEFAULT_KEEP_ALIVE;
arg->max_connection_age = DEFAULT_CONNECTION_MAX_TIME;
+ arg->uid = -1;
for (;;)
{
@@ -114,10 +117,11 @@
{ "forward-port", required_argument, 0, 'F' },
{ "content-length", required_argument, 0, 'c' },
{ "max-connection-age", required_argument, 0, 'M' },
+ { "uid", required_argument, 0, 'U' },
{ 0, 0, 0, 0 }
};
- static const char *short_options = "c:d:F:hk:M:p:sSVw"
+ static const char *short_options = "c:d:F:hk:M:p:sSVwU:"
#ifdef DEBUG_MODE
"D:l:"
#endif
@@ -203,6 +207,10 @@
case 'p':
arg->pid_filename = optarg;
break;
+
+ case 'U':
+ arg->uid = atoi(optarg);
+ break;
case 'w':
arg->use_daemon = FALSE;
@@ -307,14 +315,28 @@
log_notice (" debug_level = %d", debug_level);
log_notice (" pid_filename = %s",
arg.pid_filename ? arg.pid_filename : "(null)");
+ log_notice (" uid = %d", arg.uid);
tunnel = tunnel_new_server (arg.host, arg.port, arg.content_length);
+
if (tunnel == NULL)
{
log_error ("couldn't create tunnel", argv[0]);
log_exit (1);
}
+ /* Dropping privileges */
+ if((getuid() == 0) || (arg.uid != -1)){
+ int uid = (arg.uid != -1) ? arg.uid : DEFAULT_UID;
+ log_notice("called with uid = %d, dropping to %d...", getuid(), uid);
+ if(setuid(uid)){
+ /* avoiding CAP_* hack */
+ log_error("setuid(%d) failed while running with uid = %d\n",
uid, getuid());
+ log_exit(1);
+ }
+ }
+ log_notice("setuid() succeeded, getuid() = %d\n", getuid());
+
if (tunnel_setopt (tunnel, "strict_content_length",
&arg.strict_content_length) == -1)
log_debug ("tunnel_setopt strict_content_length error: %s",
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- Drop root priviledges,
Yuri Polyansky <=