From 9998790488e1b0e39419b02931b1db02f499f7e8 Mon Sep 17 00:00:00 2001
From: "Nicholas J. Kain"
Date: Tue, 8 Mar 2022 14:54:57 -0500
Subject: [PATCH] nk/privs: Use NO_NEW_PRIVS by default when setting non-empty capset.

There's no need to gate it behind a #define anymore given that Linux 3.5 was released in 2012.
---
 nk/privs.c | 19 +++++++------------
 1 file changed, 7 insertions(+), 12 deletions(-)
diff --git a/nk/privs.c b/nk/privs.c
index 5b79b06..82873af 100644
--- a/nk/privs.c
+++ b/nk/privs.c
@@ -1,4 +1,4 @@
-// Copyright 2005-2018 Nicholas J. Kain
+// Copyright 2005-2022 Nicholas J. Kain
 // SPDX-License-Identifier: MIT
 #ifndef _GNU_SOURCE
 #define _GNU_SOURCE
@@ -52,6 +52,11 @@ static size_t nk_get_capability_vinfo(uint32_t *version)
 return _LINUX_CAPABILITY_U32S_3;
 }
 }
+static void nk_set_no_new_privs(void)
+{
+ if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0))
+ suicide("%s: prctl failed: %s", __func__, strerror(errno));
+}
 static size_t nk_set_capability_prologue(const unsigned char *caps,
 size_t caplen,
 uint32_t *cversion)
@@ -90,6 +95,7 @@ static void nk_set_capability_epilogue(const unsigned char *caps,
 }
 if (capset(&hdr, (cap_user_data_t)&data) < 0)
 suicide("%s: capset failed: %s", __func__, strerror(errno));
+ nk_set_no_new_privs();
 }
 #else
 static size_t nk_set_capability_prologue(const unsigned char *caps,
@@ -102,16 +108,6 @@ static void nk_set_capability_epilogue(const unsigned char *caps,
 { (void)caps; (void)caplen; (void)cversion; (void)csize; }
 #endif

-#ifdef NK_USE_NO_NEW_PRIVS
-static void nk_set_no_new_privs(void)
-{
- if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0))
- suicide("%s: prctl failed: %s", __func__, strerror(errno));
-}
-#else
-static void nk_set_no_new_privs(void) {}
-#endif
-
 void nk_set_uidgid(uid_t uid, gid_t gid, const unsigned char *caps,
 size_t caplen)
 {
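Review bot: The relocated `nk_set_no_new_privs` in the second hunk has no comment stating what the flag guarantees or that setting it is one-way, which matters now that it is no longer opt-in. I would add above the definition `/* Irreversible: after this, execve() cannot grant privileges (setuid/setgid bits, file capabilities); the flag is inherited by children. */`. With the `NK_USE_NO_NEW_PRIVS` guard gone, it is also worth confirming that `<sys/prctl.h>` is included without depending on that macro; the include block is outside this hunk.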
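Review bot: Placing `nk_set_no_new_privs();` after `capset()` in the third hunk means the flag is applied only on the path that actually sets capabilities. The `#else` stub of `nk_set_capability_epilogue` shown in the fourth hunk stays empty, and the unconditional call at the end of `nk_set_uidgid` is removed in the last hunk. A build that defined `NK_USE_NO_NEW_PRIVS` without capability support, or a caller passing no caps (if the epilogue returns early for an empty set, which lies outside the hunk), now drops uid/gid without the flag, so a later execve of a setuid binary can still raise privileges. If that narrowing is intended, state it at the call site, e.g. `/* no_new_privs is tied to a non-empty capset; a plain uid/gid drop does not set it */`. Otherwise keep the call in `nk_set_uidgid` and define the helper outside the capability conditional, whose opening `#if` is not visible here.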
@@ -137,7 +133,6 @@ void nk_set_uidgid(uid_t uid, gid_t gid, const unsigned char *caps,
 suicide("%s: OS or libc broken; able to restore privs after drop",
 __func__);
 nk_set_capability_epilogue(caps, caplen, cversion, csize);
- nk_set_no_new_privs();
 }

 uid_t nk_uidgidbyname(const char *username, uid_t *uid, gid_t *gid)