github/ttrpc
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #14 from AkihiroSuda/avoid-os-user

Browse Source 
unixcreds: use euid instead of uid
This commit is contained in:
Stephen Day 2017-12-01 11:38:49 -08:00 committed by GitHub
commit 76e68349ad
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 11 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
unixcreds_linux.go
View File

@ -43,6 +43,14 @@ func (fn UnixCredentialsFunc) Handshake(ctx context.Context, conn net.Conn) (net
return uc, ucred, nil return uc, ucred, nil
} }
// UnixSocketRequireUidGid requires specific *effective* UID/GID, rather than the real UID/GID.
//
// For example, if a daemon binary is owned by the root (UID 0) with SUID bit but running as an
// unprivileged user (UID 1001), the effective UID becomes 0, and the real UID becomes 1001.
// So calling this function with uid=0 allows a connection from effective UID 0 but rejects
// a connection from effective UID 1001.
//
// See socket(7), SO_PEERCRED: "The returned credentials are those that were in effect at the time of the call to connect(2) or socketpair(2)."
func UnixSocketRequireUidGid(uid, gid int) UnixCredentialsFunc { func UnixSocketRequireUidGid(uid, gid int) UnixCredentialsFunc {
return func(ucred *unix.Ucred) error { return func(ucred *unix.Ucred) error {
return requireUidGid(ucred, uid, gid) return requireUidGid(ucred, uid, gid)
@ -53,14 +61,14 @@ func UnixSocketRequireRoot() UnixCredentialsFunc {
return UnixSocketRequireUidGid(0, 0) return UnixSocketRequireUidGid(0, 0)
} }
// UnixSocketRequireSameUser resolves the current unix user and returns a // UnixSocketRequireSameUser resolves the current effective unix user and returns a
// UnixCredentialsFunc that will validate incoming unix connections against the // UnixCredentialsFunc that will validate incoming unix connections against the
// current credentials. // current credentials.
// //
// This is useful when using abstract sockets that are accessible by all users. // This is useful when using abstract sockets that are accessible by all users.
func UnixSocketRequireSameUser() UnixCredentialsFunc { func UnixSocketRequireSameUser() UnixCredentialsFunc {
uid, gid := os.Getuid(), os.Getgid() euid, egid := os.Geteuid(), os.Getegid()
return UnixSocketRequireUidGid(uid, gid) return UnixSocketRequireUidGid(euid, egid)
} }
func requireRoot(ucred *unix.Ucred) error { func requireRoot(ucred *unix.Ucred) error {