lib-program-client: Use restrict-access
authorAki Tuomi <aki.tuomi@dovecot.fi>
Wed, 12 Oct 2016 10:14:03 +0000 (13:14 +0300)
committerTimo Sirainen <timo.sirainen@dovecot.fi>
Wed, 19 Oct 2016 13:43:30 +0000 (16:43 +0300)
This makes program-client execution behave
more consistently with the rest of the core code.

src/lib-program-client/program-client-local.c
src/lib-program-client/program-client.h
src/lib-program-client/test-program-client-local.c
src/lib-program-client/test-program-client-remote.c

index 8edcd59eef3fa91cfaa8eaced3c0058e472ec30f..c5254e211bbc7b5771e147a6810cb7e15969cce7 100644 (file)
@@ -9,6 +9,7 @@
 #include "net.h"
 #include "istream.h"
 #include "ostream.h"
+#include "restrict-access.h"
 
 #include "program-client-private.h"
 
@@ -210,39 +211,8 @@ int program_client_local_connect(struct program_client *pclient)
                        }
                }
 
-               /* drop privileges if we have any */
-               if (getuid() == 0) {
-                       uid_t uid;
-                       gid_t gid;
-
-                       /* switch back to root */
-                       if (seteuid(0) < 0)
-                               i_fatal("seteuid(0) failed: %m");
-
-                       /* drop gids first */
-                       gid = getgid();
-                       if (gid == 0 || gid != pclient->set.gid) {
-                               if (pclient->set.gid != 0)
-                                       gid = pclient->set.gid;
-                               else
-                                       gid = getegid();
-                       }
-                       if (setgroups(1, &gid) < 0)
-                               i_fatal("setgroups(%d) failed: %m", gid);
-                       if (gid != 0 && setgid(gid) < 0)
-                               i_fatal("setgid(%d) failed: %m", gid);
-
-                       /* drop uid */
-                       if (pclient->set.uid != 0)
-                               uid = pclient->set.uid;
-                       else
-                               uid = geteuid();
-                       if (uid != 0 && setuid(uid) < 0)
-                               i_fatal("setuid(%d) failed: %m", uid);
-               }
-
-               i_assert(pclient->set.uid == 0 || getuid() != 0);
-               i_assert(pclient->set.gid == 0 || getgid() != 0);
+               restrict_access(&pclient->set.restrict_set, pclient->set.home,
+                               !pclient->set.allow_root);
 
                if (array_is_created(&pclient->envs))
                        envs = array_get(&pclient->envs, &count);
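Review bot: The new `restrict_access()` call depends on `pclient->set.restrict_set` having been prepared with `restrict_access_init()`, and nothing at the call site says so. The removed code treated `set.uid == 0` and `set.gid == 0` as "keep the current ids", whereas the test initializer in this commit uses `(uid_t)-1` / `(gid_t)-1` for unset, so a caller that only zero-fills `struct program_client_settings` now presumably requests uid 0 and gid 0 while `allow_root` is false. I would add a comment above the call such as `/* restrict_set must come from restrict_access_init(); in a zeroed struct uid/gid 0 means root, not "unset" */`. The two `i_assert()` post-checks on the resulting uid and gid are also removed, so the guarantee that the child does not stay root now rests on the third argument alone. program_client_local_connect() starts and ends outside this hunk.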
index 651c82d6a946630f6c86a141b28f02e4f8c2b8ba..cd21faca5863fd7e92851e8f93cc60e9355014ec 100644 (file)
@@ -4,15 +4,20 @@
 #ifndef PROGRAM_CLIENT_H
 #define PROGRAM_CLIENT_H
 
+#include "restrict-access.h"
+
 struct program_client;
 
 struct program_client_settings {
        unsigned int client_connect_timeout_msecs;
        unsigned int input_idle_timeout_secs;
+       /* initialize with
+          restrict_access_init(&set.restrict_set);
+       */
+       struct restrict_access_settings restrict_set;
+       const char *home;
 
-       uid_t uid;
-       gid_t gid;
-
+       bool allow_root:1;
        bool debug:1;
        bool drop_stderr:1;
 };
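Review bot: `allow_root` and `home` are added without a comment, although `allow_root` decides whether the executed program may keep root privileges; it is passed negated as the last argument of `restrict_access()` in program-client-local.c. I would document both, for example `/* permit the program to run as root; leave FALSE unless the caller really needs it */` above `allow_root` and `/* home directory passed to restrict_access() */` above `home`. Removing `uid` and `gid` also changes what 0 means for callers, so any caller outside this diff that set those fields needs converting rather than just renaming; the compiler will at least flag them.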
index 04f12fb94c5c2c3819d3ebf5a233c836b00fab86..474cb5aa53acd949dc8173785557090bee39ccbb 100644 (file)
@@ -24,6 +24,12 @@ struct program_client_settings pc_set = {
        .client_connect_timeout_msecs = 5000,
        .input_idle_timeout_secs = 1000,
        .debug = FALSE,
+       .restrict_set = {
+               .uid = (uid_t)-1,
+               .gid = (gid_t)-1,
+       },
+       /* we need to permit root when running make check as root */
+       .allow_root = TRUE,
 };
 
 static
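Review bot: `pc_set.restrict_set` is filled in by hand with only `.uid` and `.gid`, while the comment added to program-client.h in this same commit says to initialize it with `restrict_access_init()`. Any other member of `struct restrict_access_settings` whose unset value is not zero stays at 0 here; whether that matters cannot be told from this page. Calling `restrict_access_init(&pc_set.restrict_set);` once in the test setup before the first use would keep the test on the documented path and robust to fields added later. The initializer begins above the hunk.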
index 0dc78b58e2d537ef236e80aadff49f0cb5c3a979..d897abbd0a2e48ab5d20493d0cf6c58b51f717a9 100644 (file)
@@ -30,8 +30,6 @@ static
 struct program_client_settings pc_set = {
        .client_connect_timeout_msecs = 1000,
        .input_idle_timeout_secs = 5000,
-       .gid = -1,
-       .uid = -1,
        .debug = TRUE,
 };