diff options
| author |   deraadt <deraadt@openbsd.org> | 1997-08-31 20:42:01 +0000 |
|---|---|---|
| committer | deraadt <deraadt@openbsd.org> | 1997-08-31 20:42:01 +0000 |
| commit | 31e15491b0ac1938de22018ee666cadb4f082315 (patch) | |
| tree | 580db7b1abf7a7be9250a8b15b6b2dcf8c63308f /sys/kern | |
| parent | only check for ftp bounce in tcp, duh. for nonreserved ports, do not (diff) | |
| download | wireguard-openbsd-31e15491b0ac1938de22018ee666cadb4f082315.tar.xz wireguard-openbsd-31e15491b0ac1938de22018ee666cadb4f082315.zip | |
for non-tty TIOCSPGRP/F_SETOWN/FIOSETOWN pgid setting calls, store uid
and euid as well, then deliver them using new csignal() interface
which ensures that pgid setting process is permitted to signal the
pgid process(es). Thanks to newsham@aloha.net for extensive help and
discussion.
Diffstat (limited to 'sys/kern')
| -rw-r--r-- | sys/kern/kern_descrip.c | 10 | ||||
| -rw-r--r-- | sys/kern/kern_sig.c | 42 | ||||
| -rw-r--r-- | sys/kern/subr_log.c | 17 | ||||
| -rw-r--r-- | sys/kern/sys_generic.c | 8 | ||||
| -rw-r--r-- | sys/kern/sys_socket.c | 5 | ||||
| -rw-r--r-- | sys/kern/uipc_socket.c | 9 | ||||
| -rw-r--r-- | sys/kern/uipc_socket2.c | 12 |
7 files changed, 71 insertions, 32 deletions
diff --git a/sys/kern/kern_descrip.c b/sys/kern/kern_descrip.c index 9e4b42861ab..06eb363448f 100644 --- a/sys/kern/kern_descrip.c +++ b/sys/kern/kern_descrip.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_descrip.c,v 1.13 1997/08/21 05:17:37 deraadt Exp $ */ +/* $OpenBSD: kern_descrip.c,v 1.14 1997/08/31 20:42:15 deraadt Exp $ */ /* $NetBSD: kern_descrip.c,v 1.42 1996/03/30 22:24:38 christos Exp $ */ /* @@ -55,6 +55,7 @@ #include <sys/fcntl.h> #include <sys/malloc.h> #include <sys/syslog.h> +#include <sys/ucred.h> #include <sys/unistd.h> #include <sys/resourcevar.h> #include <sys/conf.h> @@ -251,8 +252,11 @@ sys_fcntl(p, v, retval) case F_SETOWN: if (fp->f_type == DTYPE_SOCKET) { - ((struct socket *)fp->f_data)->so_pgid = - (long)SCARG(uap, arg); + struct socket *so = (struct socket *)fp->f_data; + + so->so_pgid = (long)SCARG(uap, arg); + so->so_siguid = p->p_cred->p_ruid; + so->so_sigeuid = p->p_ucred->cr_uid; return (0); } if ((long)SCARG(uap, arg) <= 0) { diff --git a/sys/kern/kern_sig.c b/sys/kern/kern_sig.c index 4aa5bd87f1d..298f3caace6 100644 --- a/sys/kern/kern_sig.c +++ b/sys/kern/kern_sig.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_sig.c,v 1.16 1997/02/01 21:49:41 deraadt Exp $ */ +/* $OpenBSD: kern_sig.c,v 1.17 1997/08/31 20:42:18 deraadt Exp $ */ /* $NetBSD: kern_sig.c,v 1.54 1996/04/22 01:38:32 christos Exp $ */ /* @@ -483,6 +483,46 @@ killpg1(cp, signum, pgid, all) return (nfound ? 0 : ESRCH); } +#define CANDELIVER(uid, euid, p) \ + (euid == 0 || \ + (uid) == (p)->p_cred->p_ruid || \ + (uid) == (p)->p_cred->p_svuid || \ + (uid) == (p)->p_ucred->cr_uid || \ + (euid) == (p)->p_cred->p_ruid || \ + (euid) == (p)->p_cred->p_svuid || \ + (euid) == (p)->p_ucred->cr_uid) + +/* + * Deliver signum to pgid, but first check uid/euid against each + * process and see if it is permitted. + */ +void +csignal(pgid, signum, uid, euid) + pid_t pgid; + int signum; + uid_t uid, euid; +{ + struct pgrp *pgrp; + struct proc *p; + + if (pgid == 0) + return; + if (pgid < 0) { + pgid = -pgid; + if ((pgrp = pgfind(pgid)) == NULL) + return; + for (p = pgrp->pg_members.lh_first; p; + p = p->p_pglist.le_next) + if (CANDELIVER(uid, euid, p)) + psignal(p, signum); + } else { + if ((p = pfind(pgid)) == NULL) + return; + if (CANDELIVER(uid, euid, p)) + psignal(p, signum); + } +} + /* * Send a signal to a process group. */ diff --git a/sys/kern/subr_log.c b/sys/kern/subr_log.c index d874fe87a3f..29cf214531e 100644 --- a/sys/kern/subr_log.c +++ b/sys/kern/subr_log.c @@ -1,4 +1,4 @@ -/* $OpenBSD: subr_log.c,v 1.3 1996/04/21 22:27:17 deraadt Exp $ */ +/* $OpenBSD: subr_log.c,v 1.4 1997/08/31 20:42:20 deraadt Exp $ */ /* $NetBSD: subr_log.c,v 1.11 1996/03/30 22:24:44 christos Exp $ */ /* @@ -60,6 +60,8 @@ struct logsoftc { int sc_state; /* see above for possibilities */ struct selinfo sc_selp; /* process waiting on select call */ int sc_pgid; /* process/group for async I/O */ + uid_t sc_siguid; /* uid for process that set sc_pgid */ + uid_t sc_sigeuid; /* euid for process that set sc_pgid */ } logsoftc; int log_open; /* also used in log() */ @@ -179,17 +181,12 @@ logselect(dev, rw, p) void logwakeup() { - struct proc *p; - if (!log_open) return; selwakeup(&logsoftc.sc_selp); - if (logsoftc.sc_state & LOG_ASYNC) { - if (logsoftc.sc_pgid < 0) - gsignal(-logsoftc.sc_pgid, SIGIO); - else if ((p = pfind(logsoftc.sc_pgid)) != NULL) - psignal(p, SIGIO); - } + if (logsoftc.sc_state & LOG_ASYNC) + csignal(logsoftc.sc_pgid, SIGIO, + logsoftc.sc_siguid, logsoftc.sc_sigeuid); if (logsoftc.sc_state & LOG_RDWAIT) { wakeup((caddr_t)msgbufp); logsoftc.sc_state &= ~LOG_RDWAIT; @@ -232,6 +229,8 @@ logioctl(dev, com, data, flag, p) case TIOCSPGRP: logsoftc.sc_pgid = *(int *)data; + logsoftc.sc_siguid = p->p_cred->p_ruid; + logsoftc.sc_sigeuid = p->p_ucred->cr_uid; break; case TIOCGPGRP: diff --git a/sys/kern/sys_generic.c b/sys/kern/sys_generic.c index 68953baf9d6..ef811b417ba 100644 --- a/sys/kern/sys_generic.c +++ b/sys/kern/sys_generic.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sys_generic.c,v 1.7 1997/01/27 23:21:13 deraadt Exp $ */ +/* $OpenBSD: sys_generic.c,v 1.8 1997/08/31 20:42:21 deraadt Exp $ */ /* $NetBSD: sys_generic.c,v 1.24 1996/03/29 00:25:32 cgd Exp $ */ /* @@ -480,7 +480,11 @@ sys_ioctl(p, v, retval) case FIOSETOWN: tmp = *(int *)data; if (fp->f_type == DTYPE_SOCKET) { - ((struct socket *)fp->f_data)->so_pgid = tmp; + struct socket *so = (struct socket *)fp->f_data; + + so->so_pgid = tmp; + so->so_siguid = p->p_cred->p_ruid; + so->so_sigeuid = p->p_ucred->cr_uid; error = 0; break; } diff --git a/sys/kern/sys_socket.c b/sys/kern/sys_socket.c index b0a67f398ce..f25e4b5d445 100644 --- a/sys/kern/sys_socket.c +++ b/sys/kern/sys_socket.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sys_socket.c,v 1.2 1997/02/24 14:19:59 niklas Exp $ */ +/* $OpenBSD: sys_socket.c,v 1.3 1997/08/31 20:42:23 deraadt Exp $ */ /* $NetBSD: sys_socket.c,v 1.13 1995/08/12 23:59:09 mycroft Exp $ */ /* @@ -39,6 +39,7 @@ #include <sys/param.h> #include <sys/systm.h> #include <sys/file.h> +#include <sys/proc.h> #include <sys/mbuf.h> #include <sys/protosw.h> #include <sys/socket.h> @@ -112,6 +113,8 @@ soo_ioctl(fp, cmd, data, p) case SIOCSPGRP: so->so_pgid = *(int *)data; + so->so_siguid = p->p_cred->p_ruid; + so->so_sigeuid = p->p_ucred->cr_uid; return (0); case SIOCGPGRP: diff --git a/sys/kern/uipc_socket.c b/sys/kern/uipc_socket.c index 3b86c9b985c..528b81bb3e8 100644 --- a/sys/kern/uipc_socket.c +++ b/sys/kern/uipc_socket.c @@ -1,4 +1,4 @@ -/* $OpenBSD: uipc_socket.c,v 1.16 1997/08/31 06:29:35 deraadt Exp $ */ +/* $OpenBSD: uipc_socket.c,v 1.17 1997/08/31 20:42:24 deraadt Exp $ */ /* $NetBSD: uipc_socket.c,v 1.21 1996/02/04 02:17:52 christos Exp $ */ /* @@ -1060,11 +1060,6 @@ void sohasoutofband(so) register struct socket *so; { - struct proc *p; - - if (so->so_pgid < 0) - gsignal(-so->so_pgid, SIGURG); - else if (so->so_pgid > 0 && (p = pfind(so->so_pgid)) != 0) - psignal(p, SIGURG); + csignal(so->so_pgid, SIGURG, so->so_siguid, so->so_sigeuid); selwakeup(&so->so_rcv.sb_sel); } diff --git a/sys/kern/uipc_socket2.c b/sys/kern/uipc_socket2.c index 1641822b28a..2455a06c052 100644 --- a/sys/kern/uipc_socket2.c +++ b/sys/kern/uipc_socket2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: uipc_socket2.c,v 1.5 1997/02/21 08:45:00 deraadt Exp $ */ +/* $OpenBSD: uipc_socket2.c,v 1.6 1997/08/31 20:42:26 deraadt Exp $ */ /* $NetBSD: uipc_socket2.c,v 1.11 1996/02/04 02:17:55 christos Exp $ */ /* @@ -315,20 +315,14 @@ sowakeup(so, sb) register struct socket *so; register struct sockbuf *sb; { - struct proc *p; - selwakeup(&sb->sb_sel); sb->sb_flags &= ~SB_SEL; if (sb->sb_flags & SB_WAIT) { sb->sb_flags &= ~SB_WAIT; wakeup((caddr_t)&sb->sb_cc); } - if (so->so_state & SS_ASYNC) { - if (so->so_pgid < 0) - gsignal(-so->so_pgid, SIGIO); - else if (so->so_pgid > 0 && (p = pfind(so->so_pgid)) != 0) - psignal(p, SIGIO); - } + if (so->so_state & SS_ASYNC) + csignal(so->so_pgid, SIGIO, so->so_siguid, so->so_sigeuid); } /* |