author | smitsohu <smitsohu@gmail.com> | 2019-03-16 23:28:25 +0100 |
---|---|---|
committer | smitsohu <smitsohu@gmail.com> | 2019-03-16 23:28:25 +0100 |
commit | da89f57071591ad971d67532313e02ff738d91ac (patch) | |
tree | b09b23dbd111b9f3af43698a63df49fea94d4beb | |
parent | Merge branch 'master' of https://github.com/netblue30/firejail (diff) | |
minor enhancement: added robustness for setres[gu]id function calls
-rw-r--r-- | src/firejail/main.c | 6 | ||||
-rw-r--r-- | src/firejail/no_sandbox.c | 6 | ||||
-rw-r--r-- | src/firejail/run_symlink.c | 8 | ||||
-rw-r--r-- | src/firejail/util.c | 7 |
4 files changed, 10 insertions, 17 deletions
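--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -866,11 +866,9 @@ static void run_builder(int argc, char **argv) {
 (void) argc;
 
 // drop privileges
-gid_t gid = getgid();
-uid_t uid = getuid();
-if (setresgid(gid, gid, gid) != 0)
+if (setresgid(-1, getgid(), getgid()) != 0)
 errExit("setresgid");
-if (setresuid(uid, uid, uid) != 0)
+if (setresuid(-1, getuid(), getuid()) != 0)
 errExit("setresuid");
 
 assert(getenv("LD_PRELOAD") == NULL);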
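Review bot: The `// drop privileges` comment above the new `setresgid(-1, getgid(), getgid())` and `setresuid(-1, getuid(), getuid())` calls in run_builder does not say what the `-1` means or why the group call has to come first. I would expand it to `// drop privileges: -1 keeps the real ID, effective and saved IDs are set to it` followed by `// gid before uid: once the uid is dropped to an unprivileged user the group IDs can no longer be changed`. The same call pair is repeated in run_no_sandbox (no_sandbox.c), run_symlink (run_symlink.c) and drop_privs (util.c), so the comment is worth having at each site, or once on a shared helper if these paths can use one. run_builder's body continues outside the hunk.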
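--- a/src/firejail/no_sandbox.c
+++ b/src/firejail/no_sandbox.c
@@ -162,11 +162,9 @@ int check_kernel_procs(void) {
 void run_no_sandbox(int argc, char **argv) {
 EUID_ASSERT();
 // drop privileges
-gid_t gid = getgid();
-uid_t uid = getuid();
-if (setresgid(gid, gid, gid) != 0)
+if (setresgid(-1, getgid(), getgid()) != 0)
 errExit("setresgid");
-if (setresuid(uid, uid, uid) != 0)
+if (setresuid(-1, getuid(), getuid()) != 0)
 errExit("setresuid");
 
 // process limited subset of options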
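--- a/src/firejail/run_symlink.c
+++ b/src/firejail/run_symlink.c
@@ -34,11 +34,9 @@ void run_symlink(int argc, char **argv, int run_as_is) {
 return;
 
 // drop privileges
-gid_t gid = getgid();
-uid_t uid = getuid();
-if (setresgid(gid, gid, gid) != 0)
+if (setresgid(-1, getgid(), getgid()) != 0)
 errExit("setresgid");
-if (setresuid(uid, uid, uid) != 0)
+if (setresuid(-1, getuid(), getuid()) != 0)
 errExit("setresuid");
 
 // find the real program by looking in PATH
@@ -95,7 +93,7 @@ void run_symlink(int argc, char **argv, int run_as_is) {
 umask(orig_umask);
 
 // desktop integration is not supported for root user; instead, the original program is started
-if (uid == 0 || run_as_is) {
+if (getuid() == 0 || run_as_is) {
 argv[0] = program;
 execv(program, argv);
 exit(1);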
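--- a/src/firejail/util.c
+++ b/src/firejail/util.c
@@ -120,9 +120,8 @@ clean_all:
 // - for root group or if nogroups is set, supplementary groups are not configured
 void drop_privs(int nogroups) {
 gid_t gid = getgid();
-uid_t uid = getuid();
 if (arg_debug)
-printf("Drop privileges: pid %d, uid %d, gid %d, nogroups %d\n", getpid(), uid, gid, nogroups);
+printf("Drop privileges: pid %d, uid %d, gid %d, nogroups %d\n", getpid(), getuid(), gid, nogroups);
 
 // configure supplementary groups
 EUID_ROOT();
@@ -136,9 +135,9 @@ void drop_privs(int nogroups) {
 clean_supplementary_groups(gid);
 
 // set uid/gid
-if (setresgid(gid, gid, gid) != 0)
+if (setresgid(-1, getgid(), getgid()) != 0)
 errExit("setresgid");
-if (setresuid(uid, uid, uid) != 0)
+if (setresuid(-1, getuid(), getuid()) != 0)
 errExit("setresuid");
 }
 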
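Review bot: drop_privs now has two sources for the same group ID: the local `gid` is still declared and a context line passes it to `clean_supplementary_groups(gid)`, while the new `setresgid(-1, getgid(), getgid())` in the second hunk queries the value again. Using `setresgid(-1, gid, gid)` there (or dropping the local and calling `getgid()` everywhere) would make it obvious that the supplementary-group cleanup and the ID drop target the same group. Separately, the debug `printf` in the first hunk passes `getuid()` and `gid` to `%d`; `uid_t` and `gid_t` are unsigned on Linux, so `%u` with an `(unsigned)` cast would print large IDs correctly. The middle of the function lies between the two hunks and is not visible here.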