/src/libwebsockets/lib/plat/unix/unix-caps.c
Line | Count | Source |
1 | | /* |
2 | | * libwebsockets - small server side websockets and web server implementation |
3 | | * |
4 | | * Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com> |
5 | | * |
6 | | * Permission is hereby granted, free of charge, to any person obtaining a copy |
7 | | * of this software and associated documentation files (the "Software"), to |
8 | | * deal in the Software without restriction, including without limitation the |
9 | | * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or |
10 | | * sell copies of the Software, and to permit persons to whom the Software is |
11 | | * furnished to do so, subject to the following conditions: |
12 | | * |
13 | | * The above copyright notice and this permission notice shall be included in |
14 | | * all copies or substantial portions of the Software. |
15 | | * |
16 | | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
17 | | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
18 | | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
19 | | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
20 | | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING |
21 | | * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS |
22 | | * IN THE SOFTWARE. |
23 | | */ |
24 | | |
25 | | #if !defined(_GNU_SOURCE) |
26 | | #define _GNU_SOURCE |
27 | | #endif |
28 | | #include "private-lib-core.h" |
29 | | |
30 | | #include <pwd.h> |
31 | | #include <grp.h> |
32 | | |
33 | | #if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP) |
34 | | static void |
35 | | _lws_plat_apply_caps(unsigned int mode, const cap_value_t *cv, int count) |
36 | | { |
37 | | cap_t caps; |
38 | | |
39 | | if (!count) |
40 | | return; |
41 | | |
42 | | caps = cap_get_proc(); |
43 | | |
44 | | cap_set_flag(caps, (cap_flag_t)mode, count, cv, CAP_SET); |
45 | | cap_set_proc(caps); |
46 | | prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0); |
47 | | cap_free(caps); |
48 | | } |
49 | | #endif |
50 | | |
51 | | int |
52 | | lws_plat_user_colon_group_to_ids(const char *u_colon_g, uid_t *puid, gid_t *pgid) |
53 | 0 | { |
54 | 0 | const char *colon = strchr(u_colon_g, ':'); |
55 | 0 | char u[33]; |
56 | 0 | struct group *g; |
57 | 0 | struct passwd *p; |
58 | 0 | size_t ulen; |
59 | |
|
60 | 0 | if (!colon) |
61 | 0 | return 1; |
62 | | |
63 | 0 | ulen = (size_t)(unsigned int)lws_ptr_diff(colon, u_colon_g); |
64 | 0 | if (ulen < 2 || ulen > sizeof(u) - 1) |
65 | 0 | return 1; |
66 | | |
67 | 0 | memcpy(u, u_colon_g, ulen); |
68 | 0 | u[ulen] = '\0'; |
69 | |
|
70 | 0 | colon++; |
71 | |
|
72 | 0 | #if defined(LWS_HAVE_GETGRNAM_R) |
73 | 0 | { |
74 | 0 | struct group gr; |
75 | 0 | char strs[1024]; |
76 | |
|
77 | 0 | if (getgrnam_r(colon, &gr, strs, sizeof(strs), &g) || !g) { |
78 | | #else |
79 | | { |
80 | | g = getgrnam(colon); |
81 | | if (!g) { |
82 | | #endif |
83 | 0 | lwsl_err("%s: unknown group '%s'\n", __func__, colon); |
84 | |
|
85 | 0 | return 1; |
86 | 0 | } |
87 | 0 | *pgid = g->gr_gid; |
88 | 0 | } |
89 | | |
90 | 0 | #if defined(LWS_HAVE_GETPWNAM_R) |
91 | 0 | { |
92 | 0 | struct passwd pr; |
93 | 0 | char strs[1024]; |
94 | |
|
95 | 0 | if (getpwnam_r(u, &pr, strs, sizeof(strs), &p) || !p) { |
96 | | #else |
97 | | { |
98 | | p = getpwnam(u); |
99 | | if (!p) { |
100 | | #endif |
101 | 0 | lwsl_err("%s: unknown user '%s'\n", __func__, u); |
102 | |
|
103 | 0 | return 1; |
104 | 0 | } |
105 | 0 | *puid = p->pw_uid; |
106 | 0 | } |
107 | | |
108 | 0 | return 0; |
109 | 0 | } |
110 | | |
111 | | int |
112 | | lws_plat_drop_app_privileges(struct lws_context *context, int actually_drop) |
113 | 0 | { |
114 | 0 | struct passwd *p; |
115 | 0 | struct group *g; |
116 | | |
117 | | /* if he gave us the groupname, align gid to match it */ |
118 | |
|
119 | 0 | if (context->groupname) { |
120 | 0 | #if defined(LWS_HAVE_GETGRNAM_R) |
121 | 0 | struct group gr; |
122 | 0 | char strs[1024]; |
123 | |
|
124 | 0 | if (!getgrnam_r(context->groupname, &gr, strs, sizeof(strs), &g) && g) { |
125 | | #else |
126 | | g = getgrnam(context->groupname); |
127 | | if (g) { |
128 | | #endif |
129 | 0 | lwsl_cx_info(context, "group %s -> gid %u", |
130 | 0 | context->groupname, g->gr_gid); |
131 | 0 | context->gid = g->gr_gid; |
132 | 0 | } else { |
133 | 0 | lwsl_cx_err(context, "unknown groupname '%s'", |
134 | 0 | context->groupname); |
135 | |
|
136 | 0 | return 1; |
137 | 0 | } |
138 | 0 | } |
139 | | |
140 | | /* if he gave us the username, align uid to match it */ |
141 | | |
142 | 0 | if (context->username) { |
143 | 0 | #if defined(LWS_HAVE_GETPWNAM_R) |
144 | 0 | struct passwd pr; |
145 | 0 | char strs[1024]; |
146 | |
|
147 | 0 | if (!getpwnam_r(context->username, &pr, strs, sizeof(strs), &p) && p) { |
148 | | #else |
149 | | p = getpwnam(context->username); |
150 | | if (p) { |
151 | | #endif |
152 | 0 | context->uid = p->pw_uid; |
153 | |
|
154 | 0 | lwsl_cx_info(context, "username %s -> uid %u", |
155 | 0 | context->username, (unsigned int)p->pw_uid); |
156 | 0 | } else { |
157 | 0 | lwsl_cx_err(context, "unknown username %s", |
158 | 0 | context->username); |
159 | |
|
160 | 0 | return 1; |
161 | 0 | } |
162 | 0 | } |
163 | | |
164 | 0 | if (!actually_drop) |
165 | 0 | return 0; |
166 | | |
167 | | /* if he gave us the gid or we have it from the groupname, set it */ |
168 | | |
169 | 0 | if (context->gid && context->gid != (gid_t)-1l) { |
170 | 0 | #if defined(LWS_HAVE_GETGRGID_R) |
171 | 0 | struct group gr; |
172 | 0 | char strs[1024]; |
173 | |
|
174 | 0 | if (getgrgid_r(context->gid, &gr, strs, sizeof(strs), &g) || !g) { |
175 | | #else |
176 | | g = getgrgid(context->gid); |
177 | | if (!g) { |
178 | | #endif |
179 | 0 | lwsl_cx_err(context, "cannot find name for gid %d", |
180 | 0 | context->gid); |
181 | |
|
182 | 0 | return 1; |
183 | 0 | } |
184 | | |
185 | 0 | if (setgid(context->gid)) { |
186 | 0 | lwsl_cx_err(context, "setgid: %s failed", |
187 | 0 | strerror(LWS_ERRNO)); |
188 | |
|
189 | 0 | return 1; |
190 | 0 | } |
191 | | |
192 | 0 | lwsl_cx_notice(context, "effective group '%s'", g->gr_name); |
193 | 0 | } else |
194 | 0 | lwsl_cx_info(context, "not changing group"); |
195 | | |
196 | | |
197 | | /* if he gave us the uid or we have it from the username, set it */ |
198 | | |
199 | 0 | if (context->uid && context->uid != (uid_t)-1l) { |
200 | 0 | #if defined(LWS_HAVE_GETPWUID_R) |
201 | 0 | struct passwd pr; |
202 | 0 | char strs[1024]; |
203 | |
|
204 | 0 | if (getpwuid_r(context->uid, &pr, strs, sizeof(strs), &p) || !p) { |
205 | | #else |
206 | | p = getpwuid(context->uid); |
207 | | if (!p) { |
208 | | #endif |
209 | 0 | lwsl_cx_err(context, "getpwuid: unable to find uid %d", |
210 | 0 | context->uid); |
211 | 0 | return 1; |
212 | 0 | } |
213 | | |
214 | | #if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP) |
215 | | _lws_plat_apply_caps(CAP_PERMITTED, context->caps, |
216 | | context->count_caps); |
217 | | #endif |
218 | | |
219 | 0 | if (initgroups(p->pw_name, |
220 | | #if defined(__APPLE__) |
221 | | (int) |
222 | | #endif |
223 | 0 | context->gid)) |
224 | 0 | return 1; |
225 | | |
226 | 0 | if (setuid(context->uid)) { |
227 | 0 | lwsl_cx_err(context, "setuid: %s failed", |
228 | 0 | strerror(LWS_ERRNO)); |
229 | |
|
230 | 0 | return 1; |
231 | 0 | } else |
232 | 0 | lwsl_cx_notice(context, "effective user '%s'", |
233 | 0 | p->pw_name); |
234 | |
|
235 | | #if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP) |
236 | | _lws_plat_apply_caps(CAP_EFFECTIVE, context->caps, |
237 | | context->count_caps); |
238 | | |
239 | | if (context->count_caps) { |
240 | | int n; |
241 | | for (n = 0; n < context->count_caps; n++) |
242 | | lwsl_cx_notice(context, " RETAINING CAP %d", |
243 | | (int)context->caps[n]); |
244 | | } |
245 | | #endif |
246 | 0 | } else |
247 | 0 | lwsl_cx_info(context, "not changing user"); |
248 | | |
249 | 0 | return 0; |
250 | 0 | } |