From becf700bc2053ac6b93c9342efe1701c7ccd4af6 Mon Sep 17 00:00:00 2001
From: Thomas Veerman
Date: Fri, 27 Jan 2012 14:18:41 +0000
Subject: [PATCH] APFS: drop privileges upon startup

Move SERVICE_LOGIN to rs.h global header so it's accessible for all.
---
 commands/service/parse.c | 2 --
 common/include/minix/rs.h | 2 ++
 servers/apfs/main.c | 12 ++++++++++--
 servers/pm/misc.c | 8 --------
 4 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/commands/service/parse.c b/commands/service/parse.c
index ed675d4f0..1c5a1ba07 100644
--- a/commands/service/parse.c
+++ b/commands/service/parse.c
@@ -37,8 +37,6 @@ PRIVATE int class_recurs; /* Nesting level of class statements */
 #include "parse.h"
-#define SERVICE_LOGIN "service" /* passwd file entry for services */
-
 FORWARD void do_service(config_t *cpe, config_t *config, struct rs_config *);
 PRIVATE void do_class(config_t *cpe, config_t *config, struct rs_config *rs_config)
diff --git a/common/include/minix/rs.h b/common/include/minix/rs.h
index 586b14592..7becce826 100644
--- a/common/include/minix/rs.h
+++ b/common/include/minix/rs.h
@@ -10,6 +10,8 @@ Interface to the reincarnation server
 #include
 #include
+#define SERVICE_LOGIN "service" /* passwd file entry for services */
+
 /* RSS definitions. */
 #define RSS_NR_IRQ 16
 #define RSS_NR_IO 16
diff --git a/servers/apfs/main.c b/servers/apfs/main.c
index 73dd0d09f..cbba28287 100644
--- a/servers/apfs/main.c
+++ b/servers/apfs/main.c
@@ -4,7 +4,10 @@
 #include
 #include
 #include
+#include
 #include
+#include
+#include
 #include "buf.h"
 #include "inode.h"
 #include "uds.h"
@@ -119,6 +122,7 @@ PRIVATE int sef_cb_init_fresh(int type, sef_init_info_t *info)
 {
 /* Initialize the pipe file server. */
 int i;
+ struct passwd *pw;
 /* Initialize main loop parameters. */
 exitsignaled = 0; /* No exit request seen yet. */
@@ -131,10 +135,14 @@ PRIVATE int sef_cb_init_fresh(int type, sef_init_info_t *info)
 init_inode_cache();
 uds_init();
-
- SELF_E = getprocnr();
 buf_pool();
+ if ((pw = getpwnam(SERVICE_LOGIN)) == NULL)
+ panic("unable to retrieve uid of SERVICE_LOGIN");
+ if (setuid(pw->pw_uid) != 0)
+ panic("unable to drop privileges");
+ SELF_E = getprocnr();
+
 return(OK);
 }
diff --git a/servers/pm/misc.c b/servers/pm/misc.c
index 1e40f6c77..531e9bc58 100644
--- a/servers/pm/misc.c
+++ b/servers/pm/misc.c
@@ -237,14 +237,6 @@ PUBLIC int do_getepinfo()
 register struct mproc *rmp;
 endpoint_t ep;
- /* This call should be moved to DS. */
- if (mp->mp_effuid != 0) {
- printf("PM: unauthorized call of do_getepinfo_o by proc %d\n",
- mp->mp_endpoint);
- sys_sysctl_stacktrace(mp->mp_endpoint);
- return EPERM;
- }
-
 ep = m_in.PM_ENDPT;
 for (rmp = &mproc[0]; rmp < &mproc[NR_PROCS]; rmp++) {
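Review bot: In the sef_cb_init_fresh hunk of servers/apfs/main.c the privilege drop calls only `setuid(pw->pw_uid)`, so the server keeps whatever group ID and supplementary groups it was started with. Drop the group first, while the process can still change it: `if (setgid(pw->pw_gid) != 0) panic("unable to drop group privileges");` ahead of the setuid() call, and clear supplementary groups as well if setgroups() is usable from a server on this platform. The first panic prints the macro name rather than the account it stands for; `panic("unable to retrieve uid of %s", SERVICE_LOGIN);` would name the missing passwd entry, assuming panic() accepts a format string in this tree. Separately, the servers/pm/misc.c hunk removes the effective-uid check from do_getepinfo() outright, presumably so the now-unprivileged server can still call it; a comment there stating why any caller may now query endpoint info would record that the wider exposure is intended. The body of sef_cb_init_fresh starts outside this hunk.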