From: Roy Marples <roy@marples.name>
Date: Fri, 5 Jun 2020 11:24:44 +0000 (+0100)
Subject: privsep: Set resource limits when dropping privs
X-Git-Tag: v9.1.2~45
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8b0d90f51e53d152d5b170db87089e0e15ded3a3;p=thirdparty%2Fdhcpcd.git

privsep: Set resource limits when dropping privs

Disables forking, new files, sockets and writing large files.
---

diff --git a/src/privsep.c b/src/privsep.c
index fbfb99d3..ed01d2a8 100644
--- a/src/privsep.c
+++ b/src/privsep.c
@@ -39,6 +39,7 @@
  * this in a script or something.
  */
 
+#include <sys/resource.h>
 #include <sys/socket.h>
 #include <sys/stat.h>
 #include <sys/types.h>
@@ -112,6 +113,7 @@ int
 ps_dropprivs(struct dhcpcd_ctx *ctx)
 {
 	struct passwd *pw = ctx->ps_user;
+	struct rlimit rzero = { .rlim_cur = 0, .rlim_max = 0 };
 
 	if (!(ctx->options & DHCPCD_FORKED))
 		logdebugx("chrooting to `%s' as %s", pw->pw_dir, pw->pw_name);
@@ -128,6 +130,26 @@ ps_dropprivs(struct dhcpcd_ctx *ctx)
 		return -1;
 	}
 
+	/* Prohibit new files, sockets, etc */
+	if (setrlimit(RLIMIT_NOFILE, &rzero) == -1) {
+		logerr("setrlimit RLIMIT_NOFILE");
+		return -1;
+	}
+
+	/* Prohibit large files */
+	if (setrlimit(RLIMIT_FSIZE, &rzero) == -1) {
+		logerr("setrlimit RLIMIT_FSIZE");
+		return -1;
+	}
+
+#ifdef RLIMIT_NPROC
+	/* Prohibit forks */
+	if (setrlimit(RLIMIT_NPROC, &rzero) == -1) {
+		logerr("setrlimit RLIMIT_NPROC");
+		return -1;
+	}
+#endif
+
 	return 0;
 }