'Re: [PATCH] artswrapper SUID root'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-multimedia
Subject:    Re: [PATCH] artswrapper SUID root
From:       Stefan Westerfeld <stefan () space ! twc ! de>
Date:       2000-09-07 20:08:16
[Download RAW message or body]

Hi!

On Thu, Sep 07, 2000 at 10:05:35PM +0200, Stefan Westerfeld wrote:
> The patch is attached, [...]
Damn, that happens with all the patches, well, anyway here it is.

   Cu... Stefan
-- 
  -* Stefan Westerfeld, stefan@space.twc.de (PGP!), Hamburg/Germany
     KDE Developer, project infos at http://space.twc.de/~stefan/kde *-         

["20000907-artswrapper-suid.diff" (text/plain)]

Index: Makefile.am
===================================================================
RCS file: /home/kde/kdelibs/arts/soundserver/Makefile.am,v
retrieving revision 1.14
diff -b -u -p -r1.14 Makefile.am

--- Makefile.am	2000/09/06 16:56:57	1.14
+++ Makefile.am	2000/09/07 19:56:39
@@ -68,3 +68,6 @@ if HAVE_WAVSUPPORT
 mcopclass_DATA = WavPlayObject.mcopclass
 endif
 
+install-exec-local: install-binPROGRAMS
+	@(chown root $(bindir)/artswrapper && chmod 4755 $(bindir)/artswrapper) \
+		|| echo "please make $(bindir)/artswrapper suid root"
Index: artswrapper.c
===================================================================
RCS file: /home/kde/kdelibs/arts/soundserver/artswrapper.c,v
retrieving revision 1.4
diff -b -u -p -r1.4 artswrapper.c
--- artswrapper.c	2000/06/14 15:27:54	1.4
+++ artswrapper.c	2000/09/07 19:56:39
@@ -5,8 +5,6 @@
 #include <string.h>
 #include <malloc.h>
 
-#undef ARTSWRAPPER_DEBUG
-
 /*
  * adjust_priority
  *
@@ -81,103 +79,17 @@ void adjust_priority()
 }
 #endif
 
-/*
- * check_security
- *
- * checks that the path (file or directory) is owned by root, which makes
- * it save to assume that nobody can temper with the files in that directory,
- * and so we can execute the program with realtime priority
- *
- * result = 0  => not secure
- * result = 1  => secure (well - reasonable secure - if root installs
- *   directories as world writeable for instance, still everybody can
- *   do everything)
- */
-
-int check_security(const char *path)
-{
-	struct stat stat_buffer;
-
-#ifdef ARTSWRAPPER_DEBUG
-	printf("Checking security for %s\n",path);
-#endif
-	/*
-	 * No, we can't execute things in paths with zero length (for instance
-	 * current directory) savely. If path has length 1, it must be /, because
-	 * otherwise we will be executing stuff in a one
-	 */
-
-	if(strlen(path) == 0) return 0;
-	if(strlen(path) == 1 && path[0] != '/') return 0;
-
-	if(strlen(path) > 1)
-	{
-		char *basedir = strdup(path);
-		int end = 0;
-		int basedir_security;
-		int i;
-
-		for(i=0;i<strlen(basedir);i++)
-		{
-			if(basedir[i] == '/') end = i;
-		}
-
-		if(end == 0 && basedir[0] == '/') end = 1; /* root directory */
-		basedir[end] = 0;
-
-		basedir_security = check_security(basedir);
-		free(basedir);
-
-		if(basedir_security == 0) return 0;
-	}
-
-	stat(path, &stat_buffer); 
-
-	if(stat_buffer.st_uid != 0)
-	{
-		fprintf(stderr,"artswrapper: can't use suid, because security for\n");
-		fprintf(stderr,"    <%s> is critical, since it isn't owned by root\n",
-				path);
-		return 0;
-	}
-
-#ifdef ARTSWRAPPER_DEBUG
-	printf("%s passed security check\n",path);
-#endif
-	/*
-	 * more tests here, like "not world writeable" or "only writeable by root"?
-	 */
-	return 1;
-}
-
 int main(int argc, char **argv)
 {
-	const char *execute = EXECUTE;
-	int secure;
-
-	secure = check_security(execute);
-
 	if(argc == 2)
 	{
 		if(strcmp(argv[1],"check") == 0)
-		{
-			if(secure)
 			{
+			/* backward compatibility with old artswrapper */
 				printf("okay\n");
-				exit(0);
-			}
-			else
-			{
-				printf("fail\n");
-				exit(1);
-			}
+			return 0;
 		}
 	}
-	if(!secure)
-	{
-		fprintf(stderr,"artswrapper: security check failed, leaving.\n");
-		exit(255);
-	}
 
 	adjust_priority();
 
@@ -185,6 +97,11 @@ int main(int argc, char **argv)
 	   (due to realtime priority stuff) */
 	if (geteuid() != getuid()) setreuid(-1, getuid());
 
-	execv(execute,argv);
-	return 0;
+	if(argc == 0)
+		return 1;
+
+	argv[0] = EXECUTE;
+	execv(EXECUTE,argv);
+	perror(EXECUTE);
+	return 1;
 }

_______________________________________________
Kde-multimedia mailing list
Kde-multimedia@master.kde.org
http://master.kde.org/mailman/listinfo/kde-multimedia


[prev in list] [next in list] [prev in thread] [next in thread] 
