Enlightenment CVS committal Author : raster Project : e17 Module : apps/e
Dir : e17/apps/e/src/bin Modified Files: e_sys_main.c Log Message: fix setuid stuff - oops. always allowed :) todo changes - still minor bug in fav icons. :( =================================================================== RCS file: /cvs/e/e17/apps/e/src/bin/e_sys_main.c,v retrieving revision 1.2 retrieving revision 1.3 diff -u -3 -r1.2 -r1.3 --- e_sys_main.c 3 Sep 2006 09:35:28 -0000 1.2 +++ e_sys_main.c 3 Sep 2006 23:09:14 -0000 1.3 @@ -12,7 +12,7 @@ #include <Evas.h> /* local subsystem functions */ -static int auth_action_ok(char *a); +static int auth_action_ok(char *a, uid_t uid, gid_t gid); static int auth_etc_enlightenment_sysactions(char *a, char *u, char *g); static char *get_word(char *s, char *d); @@ -26,6 +26,8 @@ int i; int test = 0; char *action, *cmd; + uid_t uid; + gid_t gid; for (i = 1; i < argc; i++) { @@ -54,15 +56,23 @@ exit(-1); } - if (seteuid(0)) + uid = getuid(); + gid = getgid(); + + if (setuid(0) != 0) { printf("ERROR: UNABLE TO ASSUME ROOT PRIVILEDGES\n"); exit(5); } + if (setgid(0) != 0) + { + printf("ERROR: UNABLE TO ASSUME ROOT GROUP PRIVILEDGES\n"); + exit(7); + } evas_init(); - if (!auth_action_ok(action)) + if (!auth_action_ok(action, uid, gid)) { printf("ERROR: ACTION NOT ALLOWED: %s\n", action); exit(10); @@ -84,18 +94,18 @@ /* local subsystem functions */ static int -auth_action_ok(char *a) +auth_action_ok(char *a, uid_t uid, gid_t gid) { struct passwd *pw; struct group *gp; char *usr = NULL, *grp; int ret; - pw = getpwuid(getuid()); + pw = getpwuid(uid); if (!pw) return 0; usr = pw->pw_name; if (!usr) return 0; - gp = getgrgid(getgid()); + gp = getgrgid(gid); if (gp) grp = gp->gr_name; /* first stage - check: * PREFIX/etc/enlightenment/sysactions.conf @@ -117,9 +127,9 @@ int allow = 0; int deny = 0; - snprintf(file, sizeof(file), "/etc/enlightenment/sysactions.conf"); - f = fopen(file, "r"); - if (!f) +// snprintf(file, sizeof(file), "/etc/enlightenment/sysactions.conf"); +// f = fopen(file, "r"); +// if (!f) { snprintf(file, sizeof(file), PACKAGE_SYSCONF_DIR"/enlightenment/sysactions.conf"); f = fopen(file, "r"); @@ -147,7 +157,7 @@ deny = 0; if (!strcmp(id, "user:")) { - if (!fnmatch(u, ugname, 0)) + if (!fnmatch(ugname, u, 0)) { if (!strcmp(perm, "allow:")) allow = 1; else if (!strcmp(perm, "deny:")) deny = 1; @@ -159,7 +169,7 @@ } else if (!strcmp(id, "group:")) { - if (!fnmatch(u, ugname, 0)) + if (!fnmatch(ugname, g, 0)) { if (!strcmp(perm, "allow:")) allow = 1; else if (!strcmp(perm, "deny:")) deny = 1; ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ enlightenment-cvs mailing list enlightenment-cvs@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/enlightenment-cvs