From fe8f9650079c8c349ab57452bd9f95b8dca499b8 Mon Sep 17 00:00:00 2001 From: Vincent Bernat Date: Thu, 20 Feb 2014 21:52:46 +0100 Subject: [PATCH] lldpcli: check for privileges by checking access to control socket Instead of relying on having used the suid bit to run the program, we check if the real UID/GID could have opened the control socket. This really fix #56. --- NEWS | 1 + src/client/lldpcli.c | 10 +++++++--- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/NEWS b/NEWS index 86205ed4..30537444 100644 --- a/NEWS +++ b/NEWS @@ -3,6 +3,7 @@ lldpd (0.7.8) + Don't hard-code default values for system name, system description and port description. When the field is not present, just don't display it. + + Fix lldpcli behaviour when suid. * Features: + Android support + Add the possibility to disable privilege separation (lower diff --git a/src/client/lldpcli.c b/src/client/lldpcli.c index 0049a87f..4223c90f 100644 --- a/src/client/lldpcli.c +++ b/src/client/lldpcli.c @@ -42,6 +42,7 @@ extern const char *__progname; /* Global for completion */ static struct cmd_node *root = NULL; +const char *ctlname = NULL; static int is_lldpctl(const char *name) @@ -80,8 +81,10 @@ usage() static int is_privileged() { - return (getuid() == geteuid() && getgid() == getegid()) || - getuid() == 0; + /* Check we can access the control socket with read/write + * privileges. The `access()` function uses the real UID and real GID, + * therefore we don't have to mangle with our identity. */ + return (ctlname && access(ctlname, R_OK|W_OK) == 0); } static char* @@ -417,11 +420,12 @@ main(int argc, char *argv[]) lldpctl_conn_t *conn = NULL; const char *options = is_lldpctl(argv[0])?"hdvf:":"hdsvf:c:u:"; - const char *ctlname = lldpctl_get_default_transport(); int gotinputs = 0; struct inputs inputs; TAILQ_INIT(&inputs); + ctlname = lldpctl_get_default_transport(); + /* Initialize logging */ while ((ch = getopt(argc, argv, options)) != -1) { switch (ch) { -- 2.39.5