Blame - uidswap.c - platform/external/openssh

blob: 48026b9b4efca53750f36a2c2a0103484dc435b2 [file] [log] [blame]

Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	1	/*
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	2	* Author: Tatu Ylonen <ylo@cs.hut.fi>
				3	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
				4	* All rights reserved
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	5	* Code for uid-swapping.
Damien Miller	e4340be	2000-09-16 13:29:08 +1100	[diff] [blame]	6	*
				7	* As far as I am concerned, the code I have written for this software
				8	* can be used freely for any purpose. Any derived versions of this
				9	* software must be clearly marked as such, and if the derived work is
				10	* incompatible with the protocol description in the RFC file, it must be
				11	* called by a name other than "ssh" or "Secure Shell".
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	12	*/
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	13
				14	#include "includes.h"
Damien Miller	e4340be	2000-09-16 13:29:08 +1100	[diff] [blame]	15	RCSID("$OpenBSD: uidswap.c,v 1.9 2000/09/07 20:27:55 deraadt Exp $");
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	16
				17	#include "ssh.h"
				18	#include "uidswap.h"
Damien Miller	91606b1	2000-06-28 08:22:29 +1000	[diff] [blame]	19	#ifdef WITH_IRIX_AUDIT
				20	#include <sat.h>
				21	#endif /* WITH_IRIX_AUDIT */
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	22
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	23	/*
				24	* Note: all these functions must work in all of the following cases:
				25	* 1. euid=0, ruid=0
				26	* 2. euid=0, ruid!=0
				27	* 3. euid!=0, ruid!=0
				28	* Additionally, they must work regardless of whether the system has
				29	* POSIX saved uids or not.
				30	*/
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	31
				32	#ifdef _POSIX_SAVED_IDS
				33	/* Lets assume that posix saved ids also work with seteuid, even though that
				34	is not part of the posix specification. */
				35	#define SAVED_IDS_WORK_WITH_SETEUID
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	36
				37	/* Saved effective uid. */
				38	static uid_t saved_euid = 0;
				39
Damien Miller	ee1c0b3	2000-01-21 00:18:15 +1100	[diff] [blame]	40	#endif /* _POSIX_SAVED_IDS */
				41
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	42	/*
				43	* Temporarily changes to the given uid. If the effective user
				44	* id is not root, this does nothing. This call cannot be nested.
				45	*/
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	46	void
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	47	temporarily_use_uid(uid_t uid)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	48	{
				49	#ifdef SAVED_IDS_WORK_WITH_SETEUID
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	50	/* Save the current euid. */
				51	saved_euid = geteuid();
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	52
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	53	/* Set the effective uid to the given (unprivileged) uid. */
				54	if (seteuid(uid) == -1)
Damien Miller	caf6dd6	2000-08-29 11:33:50 +1100	[diff] [blame]	55	debug("seteuid %u: %.100s", (u_int) uid, strerror(errno));
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	56	#else /* SAVED_IDS_WORK_WITH_SETUID */
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	57	/* Propagate the privileged uid to all of our uids. */
				58	if (setuid(geteuid()) < 0)
Damien Miller	caf6dd6	2000-08-29 11:33:50 +1100	[diff] [blame]	59	debug("setuid %u: %.100s", (u_int) geteuid(), strerror(errno));
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	60
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	61	/* Set the effective uid to the given (unprivileged) uid. */
				62	if (seteuid(uid) == -1)
Damien Miller	caf6dd6	2000-08-29 11:33:50 +1100	[diff] [blame]	63	debug("seteuid %u: %.100s", (u_int) uid, strerror(errno));
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	64	#endif /* SAVED_IDS_WORK_WITH_SETEUID */
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	65	}
				66
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	67	/*
				68	* Restores to the original uid.
				69	*/
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	70	void
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	71	restore_uid()
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	72	{
				73	#ifdef SAVED_IDS_WORK_WITH_SETEUID
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	74	/* Set the effective uid back to the saved uid. */
				75	if (seteuid(saved_euid) < 0)
Damien Miller	caf6dd6	2000-08-29 11:33:50 +1100	[diff] [blame]	76	debug("seteuid %u: %.100s", (u_int) saved_euid, strerror(errno));
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	77	#else /* SAVED_IDS_WORK_WITH_SETEUID */
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	78	/*
				79	* We are unable to restore the real uid to its unprivileged value.
				80	* Propagate the real uid (usually more privileged) to effective uid
				81	* as well.
				82	*/
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	83	setuid(getuid());
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	84	#endif /* SAVED_IDS_WORK_WITH_SETEUID */
				85	}
				86
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	87	/*
				88	* Permanently sets all uids to the given uid. This cannot be
				89	* called while temporarily_use_uid is effective.
				90	*/
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	91	void
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	92	permanently_set_uid(uid_t uid)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	93	{
Damien Miller	91606b1	2000-06-28 08:22:29 +1000	[diff] [blame]	94	#ifdef WITH_IRIX_AUDIT
				95	if (sysconf(_SC_AUDIT)) {
				96	debug("Setting sat id to %d", (int) uid);
				97	if (satsetid(uid))
Damien Miller	c83aa83	2000-08-15 10:08:00 +1000	[diff] [blame]	98	debug("error setting satid: %.100s", strerror(errno));
Damien Miller	91606b1	2000-06-28 08:22:29 +1000	[diff] [blame]	99	}
				100	#endif /* WITH_IRIX_AUDIT */
				101
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	102	if (setuid(uid) < 0)
Damien Miller	caf6dd6	2000-08-29 11:33:50 +1100	[diff] [blame]	103	debug("setuid %u: %.100s", (u_int) uid, strerror(errno));
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	104	}