styx
/
enlightenment
forked from enlightenment/enlightenment
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

e_sys - address security concerns with environment and gdb

Browse Source 
1. clear out environment as best is possible before executing
anything. especially PATH and IFS are set to minimal base defaults.
also use clearenv() if available and unsetenv()

2. remove gdb method as it's just too dangerous. run it as normal as
the user and if the kernel / distro dny that - then sorry. too bad.
devs/sachiel/e19
Carsten Haitzler 10 years ago
parent 8803e7fed2
commit bb4a21e986
4 changed files with 34 additions and 47 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      configure.ac
  2. 15
      data/etc/sysactions.conf.in
  3. 3
      src/bin/e_start_main.c
  4. 61
      src/bin/e_sys_main.c

2
configure.ac
Unescape View File

@ -73,6 +73,8 @@ EFL_CHECK_PATH_MAX
AC_CHECK_FUNCS(setenv)
AC_CHECK_FUNCS(unsetenv)
AC_CHECK_FUNCS(clearenv)
AC_CHECK_HEADERS([features.h])
efl_version="1.8.0"
AC_SUBST(efl_version)

15
data/etc/sysactions.conf.in
Unescape View File

@ -43,15 +43,14 @@
# user and group name can use glob matches (* == all for example) like the
# shell. as can action names allowed or denied.
action: halt @HALT@
action: reboot @REBOOT@
action: suspend @SUSPEND@
action: hibernate @HIBERNATE@
action: /bin/mount /bin/mount
action: /bin/umount /bin/umount
action: halt @HALT@
action: reboot @REBOOT@
action: suspend @SUSPEND@
action: hibernate @HIBERNATE@
action: /bin/mount /bin/mount
action: /bin/umount /bin/umount
action: /usr/bin/eject /usr/bin/eject
action: gdb gdb
action: l2ping l2ping
action: l2ping /usr/bin/l2ping
# on FreeBSD use this instead of the above.
#action suspend /usr/sbin/zzz

3
src/bin/e_start_main.c
Unescape View File

@ -567,8 +567,7 @@ main(int argc, char **argv)
{
/* call e_sys gdb */
snprintf(buffer, 4096,
"%s/enlightenment/utils/enlightenment_sys gdb %i %s/.e-crashdump.txt",
eina_prefix_lib_get(pfx),
"gdb %i %s/.e-crashdump.txt",
child,
home);
r = system(buffer);

61
src/bin/e_sys_main.c
Unescape View File

@ -1,5 +1,11 @@
#include "config.h"
#define __USE_MISC
#define _SVID_SOURCE
#ifdef HAVE_FEATURES_H
# include <features.h>
#endif
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
@ -53,7 +59,6 @@ main(int argc,
const char *act;
#endif
gid_t gid, gl[65536], egid;
int pid = 0;
for (i = 1; i < argc; i++)
{
@ -75,21 +80,6 @@ main(int argc,
test = 1;
action = argv[2];
}
else if (!strcmp(argv[1], "gdb"))
{
if (argc != 4) exit(1);
char *end = NULL;
action = argv[1];
pid = strtoul(argv[2], &end, 10);
if (end == NULL || *end != '\0')
{
printf("Invalid pid for '%s'.\n", argv[3]);
exit(0);
}
output = argv[3];
}
else if (!strcmp(argv[1], "l2ping"))
{
action = argv[1];
@ -161,27 +151,7 @@ main(int argc,
exit(20);
}
if (!strcmp(action, "gdb"))
{
char buffer[4096];
int r;
snprintf(buffer, 4096,
"%s --pid=%i "
"-batch "
"-ex 'set logging file %s' "
"-ex 'set logging on' "
"-ex 'thread apply all backtrace full' "
"-ex detach > /dev/null 2>&1 < /dev/zero",
cmd,
pid,
output ?: "e-output.txt");
r = system(buffer);
exit(WEXITSTATUS(r));
}
else if (!test && !strcmp(action, "l2ping"))
if (!test && !strcmp(action, "l2ping"))
{
char tmp[128];
double latency;
@ -193,6 +163,23 @@ main(int argc,
return (latency < 0) ? 1 : 0;
}
/* sanitize environment */
#ifdef HAVE_UNSETENV
# define NOENV(x) unsetenv(x)
#else
# define NOENV(x)
#endif
NOENV("IFS");
NOENV("LD_PRELOAD");
NOENV("PYTHONPATH");
NOENV("LD_LIBRARY_PATH");
#ifdef HAVE_CLEARENV
clearenv();
#endif
/* set path and ifs to minimal defaults */
putenv("PATH=/bin:/usr/bin");
putenv("IFS= \t\n");
if ((!test)
#ifdef HAVE_EEZE_MOUNT
&& (!mnt)

Write Preview
Loading…
Cancel
Save