Enlightenment CVS committal
Author : raster
Project : e17
Module : apps/e
Dir : e17/apps/e/src/bin
Modified Files:
e_sys_main.c
Log Message:
fix setuid stuff - oops. always allowed :)
todo changes - still minor bug in fav icons. :(
===================================================================
RCS file: /cvs/e/e17/apps/e/src/bin/e_sys_main.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -3 -r1.2 -r1.3
--- e_sys_main.c 3 Sep 2006 09:35:28 -0000 1.2
+++ e_sys_main.c 3 Sep 2006 23:09:14 -0000 1.3
@@ -12,7 +12,7 @@
#include <Evas.h>
/* local subsystem functions */
-static int auth_action_ok(char *a);
+static int auth_action_ok(char *a, uid_t uid, gid_t gid);
static int auth_etc_enlightenment_sysactions(char *a, char *u, char *g);
static char *get_word(char *s, char *d);
@@ -26,6 +26,8 @@
int i;
int test = 0;
char *action, *cmd;
+ uid_t uid;
+ gid_t gid;
for (i = 1; i < argc; i++)
{
@@ -54,15 +56,23 @@
exit(-1);
}
- if (seteuid(0))
+ uid = getuid();
+ gid = getgid();
+
+ if (setuid(0) != 0)
{
printf("ERROR: UNABLE TO ASSUME ROOT PRIVILEDGES\n");
exit(5);
}
+ if (setgid(0) != 0)
+ {
+ printf("ERROR: UNABLE TO ASSUME ROOT GROUP PRIVILEDGES\n");
+ exit(7);
+ }
evas_init();
- if (!auth_action_ok(action))
+ if (!auth_action_ok(action, uid, gid))
{
printf("ERROR: ACTION NOT ALLOWED: %s\n", action);
exit(10);
@@ -84,18 +94,18 @@
/* local subsystem functions */
static int
-auth_action_ok(char *a)
+auth_action_ok(char *a, uid_t uid, gid_t gid)
{
struct passwd *pw;
struct group *gp;
char *usr = NULL, *grp;
int ret;
- pw = getpwuid(getuid());
+ pw = getpwuid(uid);
if (!pw) return 0;
usr = pw->pw_name;
if (!usr) return 0;
- gp = getgrgid(getgid());
+ gp = getgrgid(gid);
if (gp) grp = gp->gr_name;
/* first stage - check:
* PREFIX/etc/enlightenment/sysactions.conf
@@ -117,9 +127,9 @@
int allow = 0;
int deny = 0;
- snprintf(file, sizeof(file), "/etc/enlightenment/sysactions.conf");
- f = fopen(file, "r");
- if (!f)
+// snprintf(file, sizeof(file), "/etc/enlightenment/sysactions.conf");
+// f = fopen(file, "r");
+// if (!f)
{
snprintf(file, sizeof(file),
PACKAGE_SYSCONF_DIR"/enlightenment/sysactions.conf");
f = fopen(file, "r");
@@ -147,7 +157,7 @@
deny = 0;
if (!strcmp(id, "user:"))
{
- if (!fnmatch(u, ugname, 0))
+ if (!fnmatch(ugname, u, 0))
{
if (!strcmp(perm, "allow:")) allow = 1;
else if (!strcmp(perm, "deny:")) deny = 1;
@@ -159,7 +169,7 @@
}
else if (!strcmp(id, "group:"))
{
- if (!fnmatch(u, ugname, 0))
+ if (!fnmatch(ugname, g, 0))
{
if (!strcmp(perm, "allow:")) allow = 1;
else if (!strcmp(perm, "deny:")) deny = 1;
-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
enlightenment-cvs mailing list
enlightenment-cvs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/enlightenment-cvs
