| version 1.42, 2015/09/19 02:47:46 |
version 1.43, 2015/10/22 04:57:20 |
|
|
| char cwdpath[PATH_MAX]; |
char cwdpath[PATH_MAX]; |
| const char *cwd; |
const char *cwd; |
| |
|
| |
if (pledge("stdio rpath getpw proc exec id", NULL) == -1) |
| |
err(1, "pledge"); |
| |
|
| closefrom(STDERR_FILENO + 1); |
closefrom(STDERR_FILENO + 1); |
| |
|
| uid = getuid(); |
uid = getuid(); |
|
|
| errc(1, EPERM, NULL); |
errc(1, EPERM, NULL); |
| } |
} |
| } |
} |
| |
|
| |
if (pledge("stdio rpath getpw exec id", NULL) == -1) |
| |
err(1, "pledge"); |
| |
|
| envp = copyenv((const char **)envp, rule); |
envp = copyenv((const char **)envp, rule); |
| |
|
| pw = getpwuid(target); |
pw = getpwuid(target); |
| if (!pw) |
if (!pw) |
| errx(1, "no passwd entry for target"); |
errx(1, "no passwd entry for target"); |
| |
|
| |
if (pledge("stdio rpath id exec", NULL) == -1) |
| |
err(1, "pledge"); |
| |
|
| if (setusercontext(NULL, pw, target, LOGIN_SETGROUP | |
if (setusercontext(NULL, pw, target, LOGIN_SETGROUP | |
| LOGIN_SETPRIORITY | LOGIN_SETRESOURCES | LOGIN_SETUMASK | |
LOGIN_SETPRIORITY | LOGIN_SETRESOURCES | LOGIN_SETUMASK | |
| LOGIN_SETUSER) != 0) |
LOGIN_SETUSER) != 0) |
| errx(1, "failed to set user context for target"); |
errx(1, "failed to set user context for target"); |
| |
|
| |
if (pledge("stdio rpath exec", NULL) == -1) |
| |
err(1, "pledge"); |
| |
|
| if (getcwd(cwdpath, sizeof(cwdpath)) == NULL) |
if (getcwd(cwdpath, sizeof(cwdpath)) == NULL) |
| cwd = "(failed)"; |
cwd = "(failed)"; |
| else |
else |
| cwd = cwdpath; |
cwd = cwdpath; |
| |
|
| |
if (pledge("stdio exec", NULL) == -1) |
| |
err(1, "pledge"); |
| |
|
| syslog(LOG_AUTHPRIV | LOG_INFO, "%s ran command %s as %s from %s", |
syslog(LOG_AUTHPRIV | LOG_INFO, "%s ran command %s as %s from %s", |
| myname, cmdline, pw->pw_name, cwd); |
myname, cmdline, pw->pw_name, cwd); |
![[BACK]](/icons/back.gif){kind=icon}
Return to doas.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / doas