Skip to content

Check whether the logfile is a regular file. Fixed incomplete privilege drop. #105

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
m0n73 wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Check whether the logfile is a regular file. Fixed incomplete privilege drop. #105

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
11fd322
Check whether the logfile is a regular file.
m0n73 Aug 20, 2020
5ae011d
Fixed incomplete privilege drop in perform_user_change(); hardened pr…
m0n73 Aug 21, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
57 changes: 42 additions & 15 deletions fiche.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,7 @@ Use netcat to push text - example:
#include <string.h>

#include <pwd.h>
#include <grp.h>
#include <time.h>
#include <unistd.h>
#include <pthread.h>
Expand Down Expand Up @@ -252,19 +253,29 @@ int fiche_run(Fiche_Settings settings) {
}
}

// Check if log file is writable (if set)
// Check if log file is valid and writable (if set)
if ( settings.log_file_path ) {

// Create log file if it doesn't exist
FILE *f = fopen(settings.log_file_path, "a+");
fclose(f);

// Then check if it's accessible
if ( access(settings.log_file_path, W_OK) != 0 ) {
print_error("Log file not writable!");
return -1;
struct stat log_file_st;
memset(&log_file_st, 0, sizeof(struct stat));

if ( stat(settings.log_file_path, &log_file_st) == 0 ) {
// Is the log file a regular file?
if ( !S_ISREG(log_file_st.st_mode) ) {
print_error("Log file is not valid!");
return -1;
}

// Can we write to it?
if ( access(settings.log_file_path, W_OK) != 0 ) {
print_error("Log file is not writable!");
return -1;
}
} else {
// Log file doesn't exist - create it.
FILE *f = fopen(settings.log_file_path, "a+");
fclose(f);
}

}

// Try to set domain name
Expand Down Expand Up @@ -404,22 +415,38 @@ static int perform_user_change(const Fiche_Settings *settings) {
// Get user details
const struct passwd *userdata = getpwnam(settings->user_name);

const int uid = userdata->pw_uid;
const int gid = userdata->pw_gid;

if (uid == -1 || gid == -1) {
if (!userdata) {
print_error("Could find requested user: %s!", settings->user_name);
return -1;
}

const uid_t uid = userdata->pw_uid;
const gid_t gid = userdata->pw_gid;

if (setgid(gid) != 0) {
print_error("Couldn't switch to requested user: %s!", settings->user_name);
print_error("Couldn't switch to requested group for user: %s!", settings->user_name);
}

// Check if gid change actually happened.
if (getgid() != gid) {
print_error("Couldn't switch to requested group for user: %s!", settings->user_name);
}

// We must re-initialize supplementary groups to avoid inheriting
// root's supplementary groups.
if (initgroups(settings->user_name, gid) != 0) {
print_error("Couldn't initialize supplementary groups for user: %s!", settings->user_name);
}

if (setuid(uid) != 0) {
print_error("Couldn't switch to requested user: %s!", settings->user_name);
}

// Check if uid change actually happened.
if (getuid() != uid) {
print_error("Couldn't switch to requested user: %s!", settings->user_name);
}

print_status("User changed to: %s.", settings->user_name);

return 0;
Expand Down