mirror of https://github.com/rd235/cado
117 lines
2.9 KiB
C
117 lines
2.9 KiB
C
|
/*
|
||
|
|
* cado: execute a command in a capability ambient
|
||
|
|
* Copyright (C) 2016 Renzo Davoli, University of Bologna
|
||
|
|
*
|
||
|
|
* This file is part of cado.
|
||
|
|
*
|
||
|
|
* Cado is free software; you can redistribute it and/or
|
||
|
|
* modify it under the terms of the GNU General Public License
|
||
|
|
* as published by the Free Software Foundation; either version 2
|
||
|
|
* of the License, or (at your option) any later version.
|
||
|
|
*
|
||
|
|
* This program is distributed in the hope that it will be useful,
|
||
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||
|
|
* GNU General Public License for more details.
|
||
|
|
*
|
||
|
|
* You should have received a copy of the GNU General Public License
|
||
|
|
* along with this program; If not, see <http://www.gnu.org/licenses/>.
|
||
|
|
*
|
||
|
|
*/
|
||
|
|
|
||
|
|
#include <stdio.h>
|
||
|
|
#include <stdlib.h>
|
||
|
|
#include <string.h>
|
||
|
|
#include <unistd.h>
|
||
|
|
#include <ctype.h>
|
||
|
|
#include <fcntl.h>
|
||
|
|
#include <read_conf.h>
|
||
|
|
#include <set_ambient_cap.h>
|
||
|
|
#include <capset_from_namelist.h>
|
||
|
|
|
||
|
|
#ifndef CONFDIR
|
||
|
|
#define CONFDIR "/etc"
|
||
|
|
#endif
|
||
|
|
|
||
|
|
#define CADO_CONF CONFDIR "/cado.conf"
|
||
|
|
|
||
|
|
static int groupmatch (char *group, char **grouplist) {
|
||
|
|
for (;*grouplist; grouplist++) {
|
||
|
|
//printf("%s %s\n",group, *grouplist);
|
||
|
|
if (strcmp(group, *grouplist) == 0)
|
||
|
|
return 1;
|
||
|
|
}
|
||
|
|
return 0;
|
||
|
|
}
|
||
|
|
|
||
|
|
uint64_t get_authorized_caps(char **user_groups) {
|
||
|
|
uint64_t ok_caps=0;
|
||
|
|
FILE *f;
|
||
|
|
if (user_groups) raise_cap_dac_read_search();
|
||
|
|
f=fopen(CADO_CONF, "r");
|
||
|
|
if (f) {
|
||
|
|
char *line=NULL;
|
||
|
|
ssize_t len,n=0;
|
||
|
|
while ((len=getline(&line, &n, f)) > 0) {
|
||
|
|
//printf("%s",line);
|
||
|
|
char *scan=line;
|
||
|
|
char *tok;
|
||
|
|
uint64_t capset;
|
||
|
|
char *tmptok;
|
||
|
|
while (isspace(*scan)) scan++;
|
||
|
|
if (*scan == 0 || *scan == '#') //comment
|
||
|
|
continue;
|
||
|
|
tok=strtok_r(scan, ":", &tmptok);
|
||
|
|
//printf("%s\n",tok);
|
||
|
|
capset=0;
|
||
|
|
if (capset_from_namelist(tok, &capset) < 0)
|
||
|
|
continue;
|
||
|
|
if (user_groups == NULL) {
|
||
|
|
ok_caps |= capset;
|
||
|
|
continue;
|
||
|
|
}
|
||
|
|
//printf("CAP %s %d\n",tok,thiscap);
|
||
|
|
while ((tok=strtok_r(NULL, ",\n ",&tmptok)) != NULL) {
|
||
|
|
//printf("XX %s\n",tok);
|
||
|
|
if (*tok=='@') {
|
||
|
|
if (groupmatch(tok+1, user_groups+1)) {
|
||
|
|
ok_caps |= capset;
|
||
|
|
break;
|
||
|
|
}
|
||
|
|
} else if (strcmp(tok, user_groups[0]) == 0) {
|
||
|
|
ok_caps |= capset;
|
||
|
|
break;
|
||
|
|
}
|
||
|
|
}
|
||
|
|
}
|
||
|
|
fclose(f);
|
||
|
|
if (line)
|
||
|
|
free(line);
|
||
|
|
}
|
||
|
|
if (user_groups) lower_cap_dac_read_search();
|
||
|
|
return ok_caps;
|
||
|
|
}
|
||
|
|
|
||
|
|
int set_self_capability(uint64_t capset) {
|
||
|
|
cap_value_t cap;
|
||
|
|
cap_t caps=cap_init();
|
||
|
|
int f,rv=-1;
|
||
|
|
for (cap = 0; cap <= CAP_LAST_CAP; cap++) {
|
||
|
|
if (capset & (1ULL << cap)) {
|
||
|
|
/*if (cap_set_flag(caps, CAP_PERMITTED, 1, &cap, CAP_SET) ||
|
||
|
|
cap_set_flag(caps, CAP_EFFECTIVE, 1, &cap, CAP_SET)) {*/
|
||
|
|
if (cap_set_flag(caps, CAP_PERMITTED, 1, &cap, CAP_SET)) {
|
||
|
|
fprintf(stderr, "Cannot set permitted cap %s\n",cap_to_name(cap));
|
||
|
|
exit(2);
|
||
|
|
}
|
||
|
|
}
|
||
|
|
}
|
||
|
|
if ((f=open("/proc/self/exe",O_RDONLY)) >= 0) {
|
||
|
|
if (cap_set_fd(f,caps) >= 0)
|
||
|
|
rv=0;
|
||
|
|
close(f);
|
||
|
|
}
|
||
|
|
cap_free(caps);
|
||
|
|
return rv;
|
||
|
|
}
|