Remove libcap/prctl artifacts

They seem like relics of the pasts, from when we were retaining the ptrace cap. Some translations still may need updates.
author: Arkadiusz Hiler <arek@hiler.eu> 2018-09-29 12:02:22 +0300
committer: Arkadiusz Hiler <arek@hiler.eu> 2018-09-30 13:39:26 +0300
commit: 00dfb768322adbd004f4a91a86eb1159a5136879 (patch)
tree: 669ecd47b3c23a780e71af2012bfbfd01d005264 /sway/main.c
parent: Merge pull request #2733 from ianyfan/swaybar (diff)
download: sway-00dfb768322adbd004f4a91a86eb1159a5136879.tar.gz
sway-00dfb768322adbd004f4a91a86eb1159a5136879.tar.zst
sway-00dfb768322adbd004f4a91a86eb1159a5136879.zip
1 files changed, 4 insertions, 59 deletions
diff --git a/sway/main.c b/sway/main.c
index 990f5f3a..80111b8f 100644
--- a/sway/main.c
+++ b/sway/main.c
@@ -12,10 +12,6 @@
 #include <sys/wait.h>
 #include <sys/un.h>
 #include <unistd.h>
-#ifdef __linux__
-#include <sys/capability.h>
-#include <sys/prctl.h>
-#endif
 #include <wlr/util/log.h>
 #include "sway/commands.h"
 #include "sway/config.h"
@@ -181,28 +177,8 @@ static void log_kernel() {
        pclose(f);
 }
-static void executable_sanity_check() {
-#ifdef __linux__
-                struct stat sb;
-                char *exe = realpath("/proc/self/exe", NULL);
-                stat(exe, &sb);
-                // We assume that cap_get_file returning NULL implies ENODATA
-                if (sb.st_mode & (S_ISUID|S_ISGID) && cap_get_file(exe)) {
-                        wlr_log(WLR_ERROR,
-                                "sway executable has both the s(g)uid bit AND file caps set.");
-                        wlr_log(WLR_ERROR,
-                                "This is strongly discouraged (and completely broken).");
-                        wlr_log(WLR_ERROR,
-                                "Please clear one of them (either the suid bit, or the file caps).");
-                        wlr_log(WLR_ERROR,
-                                "If unsure, strip the file caps.");
-                        exit(EXIT_FAILURE);
-                }
-                free(exe);
-#endif
-}
-static void drop_permissions(bool keep_caps) {
+static void drop_permissions(void) {
        if (getuid() != geteuid() || getgid() != getegid()) {
                if (setgid(getgid()) != 0) {
                        wlr_log(WLR_ERROR, "Unable to drop root");
@@ -217,20 +193,6 @@ static void drop_permissions(bool keep_caps) {
                wlr_log(WLR_ERROR, "Root privileges can be restored.");
                exit(EXIT_FAILURE);
        }
-#ifdef __linux__
-        if (keep_caps) {
-                // Drop every cap except CAP_SYS_PTRACE
-                cap_t caps = cap_init();
-                cap_value_t keep = CAP_SYS_PTRACE;
-                wlr_log(WLR_INFO, "Dropping extra capabilities");
-                if (cap_set_flag(caps, CAP_PERMITTED, 1, &keep, CAP_SET) ||
-                        cap_set_flag(caps, CAP_EFFECTIVE, 1, &keep, CAP_SET) ||
-                        cap_set_proc(caps)) {
-                        wlr_log(WLR_ERROR, "Failed to drop extra capabilities");
-                        exit(EXIT_FAILURE);
-                }
-        }
-#endif
 }
 void enable_debug_flag(const char *flag) {
@@ -347,7 +309,7 @@ int main(int argc, char **argv) {
                        wlr_log(WLR_ERROR, "Don't use options with the IPC client");
                        exit(EXIT_FAILURE);
                }
-                drop_permissions(false);
+                drop_permissions();
                char *socket_path = getenv("SWAYSOCK");
                if (!socket_path) {
                        wlr_log(WLR_ERROR, "Unable to retrieve socket path");
@@ -358,34 +320,17 @@ int main(int argc, char **argv) {
                return 0;
        }
-        executable_sanity_check();
-        bool suid = false;
        if (!server_privileged_prepare(&server)) {
                return 1;
        }
-#if defined(__linux__) || defined(__FreeBSD__)
-        if (getuid() != geteuid() || getgid() != getegid()) {
-#ifdef __linux__
-                // Retain capabilities after setuid()
-                if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0)) {
-                        wlr_log(WLR_ERROR, "Cannot keep caps after setuid()");
-                        exit(EXIT_FAILURE);
-                }
-#endif
-                suid = true;
-        }
-#endif
        log_kernel();
        log_distro();
        detect_proprietary();
        detect_raspi();
-#if defined(__linux__) || defined(__FreeBSD__)
+        drop_permissions();
-        drop_permissions(suid);
-#endif
        // handle SIGTERM signals
        signal(SIGTERM, sig_handler);
author	Arkadiusz Hiler <arek@hiler.eu>	2018-09-29 12:02:22 +0300
committer	Arkadiusz Hiler <arek@hiler.eu>	2018-09-30 13:39:26 +0300
commit	00dfb768322adbd004f4a91a86eb1159a5136879 (patch)
tree	669ecd47b3c23a780e71af2012bfbfd01d005264 /sway/main.c
parent	Merge pull request #2733 from ianyfan/swaybar (diff)
download	sway-00dfb768322adbd004f4a91a86eb1159a5136879.tar.gz sway-00dfb768322adbd004f4a91a86eb1159a5136879.tar.zst sway-00dfb768322adbd004f4a91a86eb1159a5136879.zip

diff --git a/sway/main.c b/sway/main.c index 990f5f3a..80111b8f 100644 --- a/sway/main.c +++ b/sway/main.c
@@ -12,10 +12,6 @@
12	#include <sys/wait.h>	12	#include <sys/wait.h>
13	#include <sys/un.h>	13	#include <sys/un.h>
14	#include <unistd.h>	14	#include <unistd.h>
15	#ifdef __linux__
16	#include <sys/capability.h>
17	#include <sys/prctl.h>
18	#endif
19	#include <wlr/util/log.h>	15	#include <wlr/util/log.h>
20	#include "sway/commands.h"	16	#include "sway/commands.h"
21	#include "sway/config.h"	17	#include "sway/config.h"
@@ -181,28 +177,8 @@ static void log_kernel() {
181	pclose(f);	177	pclose(f);
182	}	178	}
183		179
184	static void executable_sanity_check() {
185	#ifdef __linux__
186	struct stat sb;
187	char *exe = realpath("/proc/self/exe", NULL);
188	stat(exe, &sb);
189	// We assume that cap_get_file returning NULL implies ENODATA
190	if (sb.st_mode & (S_ISUID\|S_ISGID) && cap_get_file(exe)) {
191	wlr_log(WLR_ERROR,
192	"sway executable has both the s(g)uid bit AND file caps set.");
193	wlr_log(WLR_ERROR,
194	"This is strongly discouraged (and completely broken).");
195	wlr_log(WLR_ERROR,
196	"Please clear one of them (either the suid bit, or the file caps).");
197	wlr_log(WLR_ERROR,
198	"If unsure, strip the file caps.");
199	exit(EXIT_FAILURE);
200	}
201	free(exe);
202	#endif
203	}
204		180
205	static void drop_permissions(bool keep_caps) {	181	static void drop_permissions(void) {
206	if (getuid() != geteuid() \|\| getgid() != getegid()) {	182	if (getuid() != geteuid() \|\| getgid() != getegid()) {
207	if (setgid(getgid()) != 0) {	183	if (setgid(getgid()) != 0) {
208	wlr_log(WLR_ERROR, "Unable to drop root");	184	wlr_log(WLR_ERROR, "Unable to drop root");
@@ -217,20 +193,6 @@ static void drop_permissions(bool keep_caps) {
217	wlr_log(WLR_ERROR, "Root privileges can be restored.");	193	wlr_log(WLR_ERROR, "Root privileges can be restored.");
218	exit(EXIT_FAILURE);	194	exit(EXIT_FAILURE);
219	}	195	}
220	#ifdef __linux__
221	if (keep_caps) {
222	// Drop every cap except CAP_SYS_PTRACE
223	cap_t caps = cap_init();
224	cap_value_t keep = CAP_SYS_PTRACE;
225	wlr_log(WLR_INFO, "Dropping extra capabilities");
226	if (cap_set_flag(caps, CAP_PERMITTED, 1, &keep, CAP_SET) \|\|
227	cap_set_flag(caps, CAP_EFFECTIVE, 1, &keep, CAP_SET) \|\|
228	cap_set_proc(caps)) {
229	wlr_log(WLR_ERROR, "Failed to drop extra capabilities");
230	exit(EXIT_FAILURE);
231	}
232	}
233	#endif
234	}	196	}
235		197
236	void enable_debug_flag(const char *flag) {	198	void enable_debug_flag(const char *flag) {
@@ -347,7 +309,7 @@ int main(int argc, char **argv) {
347	wlr_log(WLR_ERROR, "Don't use options with the IPC client");	309	wlr_log(WLR_ERROR, "Don't use options with the IPC client");
348	exit(EXIT_FAILURE);	310	exit(EXIT_FAILURE);
349	}	311	}
350	drop_permissions(false);	312	drop_permissions();
351	char *socket_path = getenv("SWAYSOCK");	313	char *socket_path = getenv("SWAYSOCK");
352	if (!socket_path) {	314	if (!socket_path) {
353	wlr_log(WLR_ERROR, "Unable to retrieve socket path");	315	wlr_log(WLR_ERROR, "Unable to retrieve socket path");
@@ -358,34 +320,17 @@ int main(int argc, char **argv) {
358	return 0;	320	return 0;
359	}	321	}
360		322
361	executable_sanity_check();
362	bool suid = false;
363
364	if (!server_privileged_prepare(&server)) {	323	if (!server_privileged_prepare(&server)) {
365	return 1;	324	return 1;
366	}	325	}
367		326
368	#if defined(__linux__) \|\| defined(__FreeBSD__)
369	if (getuid() != geteuid() \|\| getgid() != getegid()) {
370	#ifdef __linux__
371	// Retain capabilities after setuid()
372	if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0)) {
373	wlr_log(WLR_ERROR, "Cannot keep caps after setuid()");
374	exit(EXIT_FAILURE);
375	}
376	#endif
377	suid = true;
378	}
379	#endif
380
381	log_kernel();	327	log_kernel();
382	log_distro();	328	log_distro();
383	detect_proprietary();	329	detect_proprietary();
384	detect_raspi();	330	detect_raspi();
385		331
386	#if defined(__linux__) \|\| defined(__FreeBSD__)	332	drop_permissions();
387	drop_permissions(suid);	333
388	#endif
389	// handle SIGTERM signals	334	// handle SIGTERM signals
390	signal(SIGTERM, sig_handler);	335	signal(SIGTERM, sig_handler);
391		336