[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [tor/master] Use tor_getpw{nam, uid} wrappers to fix bug 11946
commit 9b4ac986cbe8867c24c8e77654a4b7e75f870738
Author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date: Wed May 14 13:53:14 2014 -0400
Use tor_getpw{nam,uid} wrappers to fix bug 11946
When running with User set, we frequently try to look up our
information in the user database (e.g., /etc/passwd). The seccomp2
sandbox setup doesn't let us open /etc/passwd, and probably
shouldn't.
To fix this, we have a pair of wrappers for getpwnam and getpwuid.
When a real call to getpwnam or getpwuid fails, they fall back to a
cached value, if the uid/gid matches.
(Granting access to /etc/passwd isn't possible with the way we
handle opening files through the sandbox. It's not desirable either.)
---
changes/bug11946 | 5 +++++
src/common/compat.c | 8 ++++----
src/common/util.c | 10 +++++-----
src/or/connection.c | 4 ++--
src/or/control.c | 2 +-
5 files changed, 17 insertions(+), 12 deletions(-)
diff --git a/changes/bug11946 b/changes/bug11946
new file mode 100644
index 0000000..9ea4831
--- /dev/null
+++ b/changes/bug11946
@@ -0,0 +1,5 @@
+ o Minor bugfixes (sandbox):
+
+ - Handle failures in getpwnam()/getpwuid() when running with the
+ User option set and the Linux syscall sandbox enabled. Fixes bug
+ 11946; bugfix on 0.2.5.1-alpha.
diff --git a/src/common/compat.c b/src/common/compat.c
index 9f31cce..65446b5 100644
--- a/src/common/compat.c
+++ b/src/common/compat.c
@@ -1792,7 +1792,7 @@ int
switch_id(const char *user)
{
#ifndef _WIN32
- struct passwd *pw = NULL;
+ const struct passwd *pw = NULL;
uid_t old_uid;
gid_t old_gid;
static int have_already_switched_id = 0;
@@ -1813,7 +1813,7 @@ switch_id(const char *user)
old_gid = getgid();
/* Lookup the user and group information, if we have a problem, bail out. */
- pw = getpwnam(user);
+ pw = tor_getpwnam(user);
if (pw == NULL) {
log_warn(LD_CONFIG, "Error setting configured user: %s not found", user);
return -1;
@@ -1984,10 +1984,10 @@ tor_disable_debugger_attach(void)
char *
get_user_homedir(const char *username)
{
- struct passwd *pw;
+ const struct passwd *pw;
tor_assert(username);
- if (!(pw = getpwnam(username))) {
+ if (!(pw = tor_getpwnam(username))) {
log_err(LD_CONFIG,"User \"%s\" not found.", username);
return NULL;
}
diff --git a/src/common/util.c b/src/common/util.c
index d573b56..d457ba9 100644
--- a/src/common/util.c
+++ b/src/common/util.c
@@ -1871,7 +1871,7 @@ check_private_dir(const char *dirname, cpd_check_t check,
char *f;
#ifndef _WIN32
int mask;
- struct passwd *pw = NULL;
+ const struct passwd *pw = NULL;
uid_t running_uid;
gid_t running_gid;
#else
@@ -1918,7 +1918,7 @@ check_private_dir(const char *dirname, cpd_check_t check,
if (effective_user) {
/* Look up the user and group information.
* If we have a problem, bail out. */
- pw = getpwnam(effective_user);
+ pw = tor_getpwnam(effective_user);
if (pw == NULL) {
log_warn(LD_CONFIG, "Error setting configured user: %s not found",
effective_user);
@@ -1932,13 +1932,13 @@ check_private_dir(const char *dirname, cpd_check_t check,
}
if (st.st_uid != running_uid) {
- struct passwd *pw = NULL;
+ const struct passwd *pw = NULL;
char *process_ownername = NULL;
- pw = getpwuid(running_uid);
+ pw = tor_getpwuid(running_uid);
process_ownername = pw ? tor_strdup(pw->pw_name) : tor_strdup("<unknown>");
- pw = getpwuid(st.st_uid);
+ pw = tor_getpwuid(st.st_uid);
log_warn(LD_FS, "%s is not owned by this user (%s, %d) but by "
"%s (%d). Perhaps you are running Tor as the wrong user?",
diff --git a/src/or/connection.c b/src/or/connection.c
index 3cc4e09..cef9172 100644
--- a/src/or/connection.c
+++ b/src/or/connection.c
@@ -1017,7 +1017,7 @@ connection_listener_new(const struct sockaddr *listensockaddr,
tor_socket_t s = TOR_INVALID_SOCKET; /* the socket we're going to make */
or_options_t const *options = get_options();
#if defined(HAVE_PWD_H) && defined(HAVE_SYS_UN_H)
- struct passwd *pw = NULL;
+ const struct passwd *pw = NULL;
#endif
uint16_t usePort = 0, gotPort = 0;
int start_reading = 0;
@@ -1157,7 +1157,7 @@ connection_listener_new(const struct sockaddr *listensockaddr,
}
#ifdef HAVE_PWD_H
if (options->User) {
- pw = getpwnam(options->User);
+ pw = tor_getpwnam(options->User);
if (pw == NULL) {
log_warn(LD_NET,"Unable to chown() %s socket: user %s not found.",
address, options->User);
diff --git a/src/or/control.c b/src/or/control.c
index d571900..2865d78 100755
--- a/src/or/control.c
+++ b/src/or/control.c
@@ -1492,7 +1492,7 @@ getinfo_helper_misc(control_connection_t *conn, const char *question,
*answer = tor_strdup("");
#else
int myUid = geteuid();
- struct passwd *myPwEntry = getpwuid(myUid);
+ const struct passwd *myPwEntry = tor_getpwuid(myUid);
if (myPwEntry) {
*answer = tor_strdup(myPwEntry->pw_name);
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits