author | Arkadiusz Hiler <arek@hiler.eu> | 2018-09-29 12:02:22 +0300 |
---|---|---|
committer | Arkadiusz Hiler <arek@hiler.eu> | 2018-09-30 13:39:26 +0300 |
commit | 00dfb768322adbd004f4a91a86eb1159a5136879 (patch) | |
tree | 669ecd47b3c23a780e71af2012bfbfd01d005264 /sway/main.c | |
parent | Merge pull request #2733 from ianyfan/swaybar (diff) | |
Remove libcap/prctl artifacts
They seem like relics of the past, from when we were retaining the
ptrace cap.
Some translations still may need updates.
Diffstat (limited to 'sway/main.c')
-rw-r--r-- | sway/main.c | 63 |
1 files changed, 4 insertions, 59 deletions
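--- a/sway/main.c
+++ b/sway/main.c
@@ -12,10 +12,6 @@
 #include <sys/wait.h>
 #include <sys/un.h>
 #include <unistd.h>
-#ifdef __linux__
-#include <sys/capability.h>
-#include <sys/prctl.h>
-#endif
 #include <wlr/util/log.h>
 #include "sway/commands.h"
 #include "sway/config.h"
@@ -181,28 +177,8 @@ static void log_kernel() {
 	pclose(f);
 }
 
-static void executable_sanity_check() {
-#ifdef __linux__
-	struct stat sb;
-	char *exe = realpath("/proc/self/exe", NULL);
-	stat(exe, &sb);
-	// We assume that cap_get_file returning NULL implies ENODATA
-	if (sb.st_mode & (S_ISUID|S_ISGID) && cap_get_file(exe)) {
-		wlr_log(WLR_ERROR,
-			"sway executable has both the s(g)uid bit AND file caps set.");
-		wlr_log(WLR_ERROR,
-			"This is strongly discouraged (and completely broken).");
-		wlr_log(WLR_ERROR,
-			"Please clear one of them (either the suid bit, or the file caps).");
-		wlr_log(WLR_ERROR,
-			"If unsure, strip the file caps.");
-		exit(EXIT_FAILURE);
-	}
-	free(exe);
-#endif
-}
 
-static void drop_permissions(bool keep_caps) {
+static void drop_permissions(void) {
 	if (getuid() != geteuid() || getgid() != getegid()) {
 		if (setgid(getgid()) != 0) {
 			wlr_log(WLR_ERROR, "Unable to drop root");
@@ -217,20 +193,6 @@ static void drop_permissions(bool keep_caps) {
 		wlr_log(WLR_ERROR, "Root privileges can be restored.");
 		exit(EXIT_FAILURE);
 	}
-#ifdef __linux__
-	if (keep_caps) {
-		// Drop every cap except CAP_SYS_PTRACE
-		cap_t caps = cap_init();
-		cap_value_t keep = CAP_SYS_PTRACE;
-		wlr_log(WLR_INFO, "Dropping extra capabilities");
-		if (cap_set_flag(caps, CAP_PERMITTED, 1, &keep, CAP_SET) ||
-			cap_set_flag(caps, CAP_EFFECTIVE, 1, &keep, CAP_SET) ||
-			cap_set_proc(caps)) {
-			wlr_log(WLR_ERROR, "Failed to drop extra capabilities");
-			exit(EXIT_FAILURE);
-		}
-	}
-#endif
 }
 
 void enable_debug_flag(const char *flag) {
@@ -347,7 +309,7 @@ int main(int argc, char **argv) {
 		wlr_log(WLR_ERROR, "Don't use options with the IPC client");
 		exit(EXIT_FAILURE);
 	}
-	drop_permissions(false);
+	drop_permissions();
 	char *socket_path = getenv("SWAYSOCK");
 	if (!socket_path) {
 		wlr_log(WLR_ERROR, "Unable to retrieve socket path");
@@ -358,34 +320,17 @@ int main(int argc, char **argv) {
 		return 0;
 	}
 
-	executable_sanity_check();
-	bool suid = false;
-
 	if (!server_privileged_prepare(&server)) {
 		return 1;
 	}
 
-#if defined(__linux__) || defined(__FreeBSD__)
-	if (getuid() != geteuid() || getgid() != getegid()) {
-#ifdef __linux__
-		// Retain capabilities after setuid()
-		if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0)) {
-			wlr_log(WLR_ERROR, "Cannot keep caps after setuid()");
-			exit(EXIT_FAILURE);
-		}
-#endif
-		suid = true;
-	}
-#endif
-
 	log_kernel();
 	log_distro();
 	detect_proprietary();
 	detect_raspi();
 
-#if defined(__linux__) || defined(__FreeBSD__)
-	drop_permissions(suid);
-#endif
+	drop_permissions();
+
 	// handle SIGTERM signals
 	signal(SIGTERM, sig_handler);
 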
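Review bot: Removing the `#if defined(__linux__) || defined(__FreeBSD__)` guard around the `drop_permissions();` call in main() (new line 332) makes privilege dropping run unconditionally on every platform, and the function's only remaining guarantee is the "Root privileges can be restored" check inside drop_permissions() (new line 193); that contract is now undocumented, so a header comment on `static void drop_permissions(void) {` such as `// Drop setuid/setgid privileges to the real uid/gid and abort if they can be regained; a no-op when not running setuid.` would state what callers on both the IPC-client path (new line 312) and the server path rely on. Whether the body still ends with a regain check cannot be seen here, since the middle of drop_permissions() lies outside the hunk. As a point of style, deleting executable_sanity_check() leaves two consecutive blank lines at new lines 179–180 between log_kernel() and drop_permissions(); one of them should go. The main() body continues past the end of the last hunk.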