For SOLARIS builds, use the privilege APIs to drop unnecessary privileges for
security.

diff --git a/src/tcsd/svrside.c b/src/tcsd/svrside.c
index 04cb9e5..dc34c54 100644
--- a/src/tcsd/svrside.c
+++ b/src/tcsd/svrside.c
@@ -27,6 +27,13 @@
  #include <arpa/inet.h>
  #include <errno.h>
  #include <getopt.h>
+#ifdef SOLARIS
+#include <priv.h>
+#endif
+#ifndef HAVE_DAEMON
+#include <fcntl.h>
+#endif
+
  #include "trousers/tss.h"
  #include "trousers_types.h"
  #include "tcs_tsp.h"
@@ -210,6 +217,79 @@ reload_config(void)
  }
  
  
+#ifdef SOLARIS
+
+/*
+ * For Solaris, make the tcsd privilege aware and drop
+ * risky privileges if they are not needed.
+ */
+static int
+drop_privs()
+{
+       priv_set_t *myprivs;
+       int rv;
+
+       /*
+        * Drop unneeded privs such as fork/exec.
+        *
+        * Get "basic" privs and remove the ones we don't want.
+        */
+       if ((myprivs = priv_str_to_set("basic", ",", NULL)) == NULL) {
+               LogError("priv_str_to_set failed: %s", strerror(errno));
+               return (1);
+       } else {
+               (void) priv_delset(myprivs, PRIV_PROC_EXEC);
+               (void) priv_delset(myprivs, PRIV_PROC_FORK);
+               (void) priv_delset(myprivs, PRIV_FILE_LINK_ANY);
+               (void) priv_delset(myprivs, PRIV_PROC_INFO);
+               (void) priv_delset(myprivs, PRIV_PROC_SESSION);
+               (void) priv_delset(myprivs, PRIV_PROC_SETID);
+
+               /* for auditing */
+               (void) priv_addset(myprivs, PRIV_PROC_AUDIT);
+
+               if ((rv = setppriv(PRIV_SET, PRIV_PERMITTED, myprivs)))
+                       return (rv);
+               if ((rv = setppriv(PRIV_SET, PRIV_LIMIT, myprivs)))
+                       return (rv);
+               if ((rv = setppriv(PRIV_SET, PRIV_INHERITABLE, myprivs)))
+                       return (rv);
+
+               (void) priv_freeset(myprivs);
+       }
+       return (0);
+}
+#endif /* SOLARIS */
+
+#ifndef HAVE_DAEMON
+static int
+daemon(int nochdir, int noclose) {
+       int rv, fd;
+
+       switch (fork()) {
+               case -1:
+                       return (-1);
+               case 0:
+                       break;
+               default:
+               exit (0);
+       }
+
+       if (setsid() == -1)
+               return (-1);
+       if (!nochdir)
+               (void) chdir("/");
+       if (!noclose && (fd = open("/dev/null", O_RDWR, 0)) != -1) {
+               (void) dup2(fd, STDIN_FILENO);
+               (void) dup2(fd, STDOUT_FILENO);
+               (void) dup2(fd, STDERR_FILENO);
+               if (fd > 2)
+                       (void)close (fd);
+       }
+       return (0);
+}
+#endif /* !HAVE_DAEMON */
+
  int
  main(int argc, char **argv)
  {
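Review bot: In `drop_privs()` the three `setppriv()` failure paths return without logging and without calling `priv_freeset(myprivs)`, and the `priv_delset()`/`priv_addset()` results are discarded with `(void)`, so a failed removal would leave that privilege in the set that is then applied. Because this function is the hardening step, every failure should be logged and treated as fatal through one cleanup path, as sketched below. Adding `PRIV_PROC_AUDIT` to the permitted set presumably succeeds only when tcsd already holds it at startup; if it does not, the daemon currently exits with no message. The signature should also be `drop_privs(void)`.

```c
static int
drop_privs(void)
{
	priv_set_t *myprivs;
	int rv = 1;

	/* … unchanged: priv_str_to_set("basic", ...) and its logged error return … */

	/* A privilege that cannot be removed must not be silently kept. */
	if (priv_delset(myprivs, PRIV_PROC_EXEC) != 0 ||
	    priv_delset(myprivs, PRIV_PROC_FORK) != 0 ||
	    priv_delset(myprivs, PRIV_FILE_LINK_ANY) != 0 ||
	    priv_delset(myprivs, PRIV_PROC_INFO) != 0 ||
	    priv_delset(myprivs, PRIV_PROC_SESSION) != 0 ||
	    priv_delset(myprivs, PRIV_PROC_SETID) != 0 ||
	    priv_addset(myprivs, PRIV_PROC_AUDIT) != 0) {
		LogError("building privilege set failed: %s", strerror(errno));
		goto out;
	}

	if (setppriv(PRIV_SET, PRIV_PERMITTED, myprivs) != 0 ||
	    setppriv(PRIV_SET, PRIV_LIMIT, myprivs) != 0 ||
	    setppriv(PRIV_SET, PRIV_INHERITABLE, myprivs) != 0) {
		LogError("setppriv failed: %s", strerror(errno));
		goto out;
	}
	rv = 0;
out:
	priv_freeset(myprivs);
	return (rv);
}
```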
@@ -225,6 +305,9 @@ main(int argc, char **argv)
                 {"foreground", 0, NULL, 'f'},
                 {0, 0, 0, 0}
         };
+#ifdef SOLARIS
+       int rv;
+#endif
  
         unsetenv("TCSD_USE_TCP_DEVICE");
         while ((c = getopt_long(argc, argv, "fhe", long_options, 
&option_index)) != -1) {
@@ -296,6 +379,11 @@ main(int argc, char **argv)
                         return -1;
                 }
         }
+#ifdef SOLARIS
+       /* For Solaris, drop privileges for security. */
+       if ((rv = drop_privs()))
+               return (rv);
+#endif /* SOLARIS */
  
         LogInfo("%s: TCSD up and running.", PACKAGE_STRING);
         do {
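Review bot: The comment above the `drop_privs()` call should record the ordering constraint the call relies on: `drop_privs()` removes `PRIV_PROC_FORK`, so it has to stay after the `daemon()` call, which appears to sit earlier in `main()` outside this hunk. Suggested wording: `/* Drop privileges only after daemon(): drop_privs() removes PRIV_PROC_FORK. */`. The `return (rv)` here is also silent, so an operator sees a cause only if `drop_privs()` logs it itself.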

