[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[or-cvs] r18449: {tor} Use prctl to reenable core dumps when we have setuid to a no (in tor/trunk: . src/common)
Author: nickm
Date: 2009-02-09 10:20:17 -0500 (Mon, 09 Feb 2009)
New Revision: 18449
Modified:
tor/trunk/ChangeLog
tor/trunk/configure.in
tor/trunk/src/common/compat.c
Log:
Use prctl to reenable core dumps when we have setuid to a non-root user.
Modified: tor/trunk/ChangeLog
===================================================================
--- tor/trunk/ChangeLog 2009-02-09 15:09:51 UTC (rev 18448)
+++ tor/trunk/ChangeLog 2009-02-09 15:20:17 UTC (rev 18449)
@@ -1,4 +1,7 @@
Changes in version 0.2.1.13-????? - 2009-0?-??
+ o Minor features:
+ - On Linux, use the prctl call to re-enable core dumps when the user
+ is option is set.
Changes in version 0.2.1.12-alpha - 2009-02-08
Modified: tor/trunk/configure.in
===================================================================
--- tor/trunk/configure.in 2009-02-09 15:09:51 UTC (rev 18448)
+++ tor/trunk/configure.in 2009-02-09 15:20:17 UTC (rev 18449)
@@ -196,7 +196,7 @@
dnl Check for functions before libevent, since libevent-1.2 apparently
dnl exports strlcpy without defining it in a header.
-AC_CHECK_FUNCS(gettimeofday ftime socketpair uname inet_aton strptime getrlimit strlcat strlcpy strtoull getaddrinfo localtime_r gmtime_r memmem strtok_r writev readv flock)
+AC_CHECK_FUNCS(gettimeofday ftime socketpair uname inet_aton strptime getrlimit strlcat strlcpy strtoull getaddrinfo localtime_r gmtime_r memmem strtok_r writev readv flock prctl)
using_custom_malloc=no
if test x$enable_openbsd_malloc = xyes ; then
@@ -328,7 +328,7 @@
dnl These headers are not essential
-AC_CHECK_HEADERS(stdint.h sys/types.h inttypes.h sys/param.h sys/wait.h limits.h sys/limits.h netinet/in.h arpa/inet.h machine/limits.h syslog.h sys/time.h sys/resource.h inttypes.h utime.h sys/utime.h sys/mman.h netinet/in6.h malloc.h sys/syslimits.h malloc/malloc.h linux/types.h sys/file.h malloc_np.h)
+AC_CHECK_HEADERS(stdint.h sys/types.h inttypes.h sys/param.h sys/wait.h limits.h sys/limits.h netinet/in.h arpa/inet.h machine/limits.h syslog.h sys/time.h sys/resource.h inttypes.h utime.h sys/utime.h sys/mman.h netinet/in6.h malloc.h sys/syslimits.h malloc/malloc.h linux/types.h sys/file.h malloc_np.h sys/prctl.h)
TOR_CHECK_PROTOTYPE(malloc_good_size, HAVE_MALLOC_GOOD_SIZE_PROTOTYPE,
[#ifdef HAVE_MALLOC_H
Modified: tor/trunk/src/common/compat.c
===================================================================
--- tor/trunk/src/common/compat.c 2009-02-09 15:09:51 UTC (rev 18448)
+++ tor/trunk/src/common/compat.c 2009-02-09 15:20:17 UTC (rev 18449)
@@ -83,6 +83,10 @@
#ifdef HAVE_SYS_FILE_H
#include <sys/file.h>
#endif
+#if defined(HAVE_SYS_PRCTL_H) && defined(__linux__)
+/* Only use the linux prctl; the IRIX prctl is totally different */
+#include <sys/prctl.h>
+#endif
#include "log.h"
#include "util.h"
@@ -1223,6 +1227,18 @@
}
have_already_switched_id = 1; /* mark success so we never try again */
+
+#if defined(__linux__) && defined(HAVE_SYS_PRCTL_H) && defined(HAVE_PRCTL)
+#ifdef PR_SET_DUMPABLE
+ if (pw->pw_uid) {
+ /* Re-enable core dumps if we're not running as root. */
+ log_info(LD_CONFIG, "Re-enabling coredumps");
+ if (prctl(PR_SET_DUMPABLE, 1)) {
+ log_warn(LD_CONFIG, "Unable to re-enable coredumps: %s",strerror(errno));
+ }
+ }
+#endif
+#endif
return 0;
#else