author | Eric S. Raymond <esr@thyrsus.com> | 2005-06-24 21:27:06 +0000 |
---|---|---|
committer | Eric S. Raymond <esr@thyrsus.com> | 2005-06-24 21:27:06 +0000 |
commit | 144d5702cedbcffc442b8556a892c79a35748d28 (patch) | |
tree | 11f92ae005362590233ceef4ad82ac8641604a00 | |
parent | 15e1191847bcf70d170a11556ca2ab459ec5ba5b (diff) | |
Changes to support valgrind auditing.
-rw-r--r-- | Makefile.am | 1 | ||||
-rw-r--r-- | gpsd.c | 46 | ||||
-rw-r--r-- | gpsd.xml | 5 | ||||
-rw-r--r-- | valgrind-suppressions | 14 |
4 files changed, 42 insertions, 24 deletions
diff --git a/Makefile.am b/Makefile.am index 1a34995a..c4ca2599 100644 --- a/Makefile.am +++ b/Makefile.am @@ -167,6 +167,7 @@ EXTRA_DIST = \ gpsfake \ gpsd.hotplug \ gpsd.usermap \ + valgrind-suppressions \ logextract # This is not distributed @@ -938,8 +938,6 @@ int main(int argc, char *argv[]) fd_set rfds, control_fds; int i, option, msock, cfd, dfd; bool go_background = true; - struct passwd *pw; - struct stat stb; struct timeval tv; // extern char *optarg; @@ -1042,11 +1040,6 @@ int main(int argc, char *argv[]) } #endif /* NTPSHM_ENABLE */ - /* make default devices accessible even after we drop privileges */ - for (i = optind; i < argc; i++) - if (stat(argv[i], &stb) == 0) - (void)chmod(argv[i], stb.st_mode|S_IRGRP|S_IWGRP); - #if DBUS_ENABLE /* we need to connect to dbus as root */ if (initialize_dbus_connection()) { 
@@ -1055,23 +1048,32 @@ int main(int argc, char *argv[]) } else gpsd_report (2, "successfully connected to the DBUS system bus\n"); #endif /* DBUS_ENABLE */ - - /* - * Drop privileges. Up to now we've been running as root. Instead, - * set the user ID to 'nobody' and the group ID to the owning group - * of a prototypical TTY device. This limits the scope of any - * compromises in the code. It requires that all GPS devices have - * their group read/write permissions set. - */ - if (getuid() == 0 && ((optind<argc && stat(argv[optind], &stb)==0) || stat(PROTO_TTY, &stb)==0)) { - gpsd_report(2, "changing to group %d\n", stb.st_gid); - if (setgid(stb.st_gid) != 0) - gpsd_report(0, "setgid() failed, errno %s\n", strerror(errno)); + + if (getuid() == 0 && go_background) { + struct passwd *pw; + struct stat stb; + + /* make default devices accessible even after we drop privileges */ + for (i = optind; i < argc; i++) + if (stat(argv[i], &stb) == 0) + (void)chmod(argv[i], stb.st_mode|S_IRGRP|S_IWGRP); + /* + * Drop privileges. Up to now we've been running as root. Instead, + * set the user ID to 'nobody' and the group ID to the owning group + * of a prototypical TTY device. This limits the scope of any + * compromises in the code. It requires that all GPS devices have + * their group read/write permissions set. + */ + if ((optind<argc&&stat(argv[optind], &stb)==0)||stat(PROTO_TTY,&stb)==0) { + gpsd_report(2, "changing to group %d\n", stb.st_gid); + if (setgid(stb.st_gid) != 0) + gpsd_report(0, "setgid() failed, errno %s\n", strerror(errno)); + } + pw = getpwnam("nobody"); + if (pw) + (void)setuid(pw->pw_uid); } gpsd_report(2, "running with effective group ID %d\n", getegid()); - pw = getpwnam("nobody"); - if (pw) - (void)setuid(pw->pw_uid); gpsd_report(2, "running with effective user ID %d\n", geteuid()); /* user may want to re-initialize all channels */ 
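Review bot: The relocated privilege drop still discards the result of `setuid()` and does nothing when `getpwnam("nobody")` returns NULL, so in either case the daemon keeps running as root and only the level-2 "effective user ID" message shows it. Since the block is being reworked here, it could fail closed: `if (pw == NULL || setuid(pw->pw_uid) != 0) { gpsd_report(0, "can't drop privileges\n"); exit(2); }`, with a failed `setgid()` treated the same way instead of only being logged. Supplementary groups inherited from root are also left in place; a `setgroups(0, NULL)` before `setgid()` would clear them. Because the whole block is now gated on `go_background`, a one-line comment at the `if` stating that `-N` deliberately keeps root would help the next reader. main() starts and ends outside this hunk.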
@@ -109,8 +109,9 @@ well with -D2 to enable monitoring of the GPS data stream.</para> </varlistentry> <varlistentry> <term>-N</term> -<listitem><para>Don't daemonize; run in foreground. Mainly useful -for debugging.</para> +<listitem><para>Don't daemonize; run in foreground. Also suppresses +privilege-dropping. This switch is mainly useful for debugging. +Its meaning may change in future versions.</para> </listitem> </varlistentry> <varlistentry> diff --git a/valgrind-suppressions b/valgrind-suppressions new file mode 100644 index 00000000..eee8281c --- /dev/null +++ b/valgrind-suppressions @@ -0,0 +1,14 @@ +# Suppress known C library errors in valgrind. +# This is good under gcc 3.4.2, glibc 2.3.4 +{ + strlen1 + Memcheck:Value8 + fun:vfprintf + fun:vsnprintf + fun:gpsd_report + fun:sirf_parse + fun:sirfbin_parse_input + fun:handle_packet + fun:gpsd_poll + fun:main +} |
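Review bot: The `strlen1` entry in valgrind-suppressions is described as a known C library error, but a Memcheck `Value8` report under `vfprintf` is also what an uninitialised argument passed from `sirf_parse` to `gpsd_report` would produce, so the suppression may hide a real defect in the SiRF parser rather than libc noise. It would be worth confirming which `gpsd_report` call in `sirf_parse` triggers the report and recording that in the file, e.g. `# Value8 in vfprintf via gpsd_report() from sirf_parse; confirmed libc-internal`. The header comment ties the file to gcc 3.4.2 and glibc 2.3.4, so the entry should be rechecked whenever the toolchain changes.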