Blame - uidswap.c - platform/external/openssh

blob: 76cbd6c4064319bac79f203508b86adfaab5f20f [file] [log] [blame]

Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	1	/*
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	2	* Author: Tatu Ylonen <ylo@cs.hut.fi>
				3	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
				4	* All rights reserved
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	5	* Code for uid-swapping.
Damien Miller	e4340be	2000-09-16 13:29:08 +1100	[diff] [blame]	6	*
				7	* As far as I am concerned, the code I have written for this software
				8	* can be used freely for any purpose. Any derived versions of this
				9	* software must be clearly marked as such, and if the derived work is
				10	* incompatible with the protocol description in the RFC file, it must be
				11	* called by a name other than "ssh" or "Secure Shell".
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	12	*/
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	13
				14	#include "includes.h"
Damien Miller	e4340be	2000-09-16 13:29:08 +1100	[diff] [blame]	15	RCSID("$OpenBSD: uidswap.c,v 1.9 2000/09/07 20:27:55 deraadt Exp $");
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	16
				17	#include "ssh.h"
				18	#include "uidswap.h"
				19
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	20	/*
				21	* Note: all these functions must work in all of the following cases:
				22	* 1. euid=0, ruid=0
				23	* 2. euid=0, ruid!=0
				24	* 3. euid!=0, ruid!=0
				25	* Additionally, they must work regardless of whether the system has
				26	* POSIX saved uids or not.
				27	*/
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	28
				29	#ifdef _POSIX_SAVED_IDS
				30	/* Lets assume that posix saved ids also work with seteuid, even though that
				31	is not part of the posix specification. */
				32	#define SAVED_IDS_WORK_WITH_SETEUID
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	33
				34	/* Saved effective uid. */
				35	static uid_t saved_euid = 0;
				36
Damien Miller	ee1c0b3	2000-01-21 00:18:15 +1100	[diff] [blame]	37	#endif /* _POSIX_SAVED_IDS */
				38
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	39	/*
				40	* Temporarily changes to the given uid. If the effective user
				41	* id is not root, this does nothing. This call cannot be nested.
				42	*/
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	43	void
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	44	temporarily_use_uid(uid_t uid)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	45	{
				46	#ifdef SAVED_IDS_WORK_WITH_SETEUID
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	47	/* Save the current euid. */
				48	saved_euid = geteuid();
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	49
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	50	/* Set the effective uid to the given (unprivileged) uid. */
				51	if (seteuid(uid) == -1)
Damien Miller	caf6dd6	2000-08-29 11:33:50 +1100	[diff] [blame]	52	debug("seteuid %u: %.100s", (u_int) uid, strerror(errno));
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	53	#else /* SAVED_IDS_WORK_WITH_SETUID */
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	54	/* Propagate the privileged uid to all of our uids. */
				55	if (setuid(geteuid()) < 0)
Damien Miller	caf6dd6	2000-08-29 11:33:50 +1100	[diff] [blame]	56	debug("setuid %u: %.100s", (u_int) geteuid(), strerror(errno));
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	57
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	58	/* Set the effective uid to the given (unprivileged) uid. */
				59	if (seteuid(uid) == -1)
Damien Miller	caf6dd6	2000-08-29 11:33:50 +1100	[diff] [blame]	60	debug("seteuid %u: %.100s", (u_int) uid, strerror(errno));
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	61	#endif /* SAVED_IDS_WORK_WITH_SETEUID */
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	62	}
				63
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	64	/*
				65	* Restores to the original uid.
				66	*/
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	67	void
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	68	restore_uid()
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	69	{
				70	#ifdef SAVED_IDS_WORK_WITH_SETEUID
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	71	/* Set the effective uid back to the saved uid. */
				72	if (seteuid(saved_euid) < 0)
Damien Miller	caf6dd6	2000-08-29 11:33:50 +1100	[diff] [blame]	73	debug("seteuid %u: %.100s", (u_int) saved_euid, strerror(errno));
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	74	#else /* SAVED_IDS_WORK_WITH_SETEUID */
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	75	/*
				76	* We are unable to restore the real uid to its unprivileged value.
				77	* Propagate the real uid (usually more privileged) to effective uid
				78	* as well.
				79	*/
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	80	setuid(getuid());
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	81	#endif /* SAVED_IDS_WORK_WITH_SETEUID */
				82	}
				83
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	84	/*
				85	* Permanently sets all uids to the given uid. This cannot be
				86	* called while temporarily_use_uid is effective.
				87	*/
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	88	void
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	89	permanently_set_uid(uid_t uid)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	90	{
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	91	if (setuid(uid) < 0)
Damien Miller	caf6dd6	2000-08-29 11:33:50 +1100	[diff] [blame]	92	debug("setuid %u: %.100s", (u_int) uid, strerror(errno));
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	93	}