Greetings,

We are a small company who are increasingly relying on
memcached for our big projects. We are very pleased with
its performance.

I've put together this patch, which

1) chroots to /var/empty
2) changes from root to a simple user.

It effectively jails the process once it no longer needs root
privilege and allows an attacker very little room to play.

The patch has been working fine on our gentoo server for
quite some time.

Feedback is most welcomed, and we are more than willing to
improve the patch to fit your standards.

//Logan
C-x-C-c


diff --git a/memcached.c b/memcached.c
index 750c8b3..6c082ec 100644
--- a/memcached.c
+++ b/memcached.c
@@ -22,6 +22,8 @@
 #include <sys/uio.h>
 #include <ctype.h>
 #include <stdarg.h>
+#include <unistd.h>
+#include <grp.h>

 /* some POSIX systems need the following definition
 * to get mlockall flags out of sys/mman.h.  */
@@ -4675,6 +4677,30 @@ int main (int argc, char **argv) {
    }

    /* Drop privileges no longer needed */
+    if (getuid()==0 || geteuid()==0) {
+       if ((pw=getpwnam("_memcached")) == NULL) {
+               fprintf(stderr,"user _memcached not found");
+               exit(EX_NOUSER);
+       }
+
+       if((chroot("/var/empty") == -1)) {
+               fprintf(stderr,"check permissions on /var/empty");
+               exit(EX_OSERR);
+       }
+
+       if(chdir("/") == -1) {
+               fprintf(stderr," Cannot set new root");
+               exit(EX_OSERR);
+       }
+
+       if(setgroups(1, &pw->pw_gid) ||
+       setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) ||
+       setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid)) {
+               fprintf(stderr," failed to switch to correct user");
+               exit(EX_NOUSER);
+       }
+
+       }
    drop_privileges();

    /* enter the event loop */
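Review bot: The account name `_memcached` and the jail path `/var/empty` are hard-coded in the added block, so any start as root on a host without that exact account or directory now exits. The block also takes no account of a user the operator may have selected elsewhere in main(), which begins and ends outside this hunk. Taking both values from configuration would keep existing deployments working. `setresgid`/`setresuid` are not POSIX and need `_GNU_SOURCE` on glibc, so a portable build needs a `setgid`/`setuid` fallback followed by a check that `getuid()` and `geteuid()` are no longer 0. Any path the process still resolves after this point (presumably pid-file or socket cleanup at shutdown, not visible here) will be looked up inside the empty jail, so confirm those are handled before the chroot. The `fprintf` messages lack a trailing newline and the reason for the failure, e.g. `fprintf(stderr, "chroot(/var/empty): %s\n", strerror(errno));`.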

-- 
`` Real men run current !''
