diff options
author | Stef Walter <stef@thewalter.net> | 2013-07-17 11:57:02 +0200 |
---|---|---|
committer | Stef Walter <stef@thewalter.net> | 2013-07-18 08:45:57 +0200 |
commit | 936e4c229a4ed205e9981fc4f31acea063701b69 (patch) | |
tree | f6f9c7fcbee8a097e7b1abfad9c4bdd8552708cc /common/compat.c | |
parent | 81a6e16539e5e4a27c55194ae095cc4a75d08ade (diff) | |
download | p11-kit-936e4c229a4ed205e9981fc4f31acea063701b69.tar.gz |
Don't load configs from user directory when setuid
When running as setuid() or setgid() don't access the user's home
directory, or use $HOME environment variables.
https://bugzilla.redhat.com/show_bug.cgi?id=985014
Diffstat (limited to 'common/compat.c')
-rw-r--r-- | common/compat.c | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/common/compat.c b/common/compat.c index 5efc932..3b1361c 100644 --- a/common/compat.c +++ b/common/compat.c @@ -759,3 +759,51 @@ mkdtemp (char *template) } #endif /* HAVE_MKDTEMP */ + +#ifndef HAVE_GETAUXVAL + +unsigned long +getauxval (unsigned long type) +{ + static unsigned long secure = 0UL; + static bool check_secure_initialized = false; + + /* + * This is the only one our stand-in impl supports and is + * also the only type we define in compat.h header + */ + assert (type == AT_SECURE); + + if (!check_secure_initialized) { +#if defined(HAVE___LIBC_ENABLE_SECURE) + extern int __libc_enable_secure; + secure = __libc_enable_secure; + +#elif defined(HAVE_ISSETUGID) + secure = issetugid (); + +#elif defined(OS_UNIX) + uid_t ruid, euid, suid; /* Real, effective and saved user ID's */ + gid_t rgid, egid, sgid; /* Real, effective and saved group ID's */ + +#ifdef HAVE_GETRESUID + if (getresuid (&ruid, &euid, &suid) != 0 || + getresgid (&rgid, &egid, &sgid) != 0) +#endif /* HAVE_GETRESUID */ + { + suid = ruid = getuid (); + sgid = rgid = getgid (); + euid = geteuid (); + egid = getegid (); + } + + secure = (ruid != euid || ruid != suid || + rgid != egid || rgid != sgid); +#endif /* OS_UNIX */ + check_secure_initialized = true; + } + + return secure; +} + +#endif /* HAVE_GETAUXVAL */ |