nk/privs: Use NO_NEW_PRIVS by default when setting non-empty capset.

There's no need to gate it behind a #define anymore given that
Linux 3.5 was released in 2012.
This commit is contained in:
Nicholas J. Kain 2022-03-08 14:54:57 -05:00
parent b21edf205a
commit 9998790488


@ -1,4 +1,4 @@
// Copyright 2005-2018 Nicholas J. Kain <njkain at gmail dot com> // Copyright 2005-2022 Nicholas J. Kain <njkain at gmail dot com>
// SPDX-License-Identifier: MIT // SPDX-License-Identifier: MIT
#ifndef _GNU_SOURCE #ifndef _GNU_SOURCE
#define _GNU_SOURCE #define _GNU_SOURCE
@ -52,6 +52,11 @@ static size_t nk_get_capability_vinfo(uint32_t *version)
return _LINUX_CAPABILITY_U32S_3; return _LINUX_CAPABILITY_U32S_3;
} }
} }
static void nk_set_no_new_privs(void)
{
if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0))
suicide("%s: prctl failed: %s", __func__, strerror(errno));
}
static size_t nk_set_capability_prologue(const unsigned char *caps, static size_t nk_set_capability_prologue(const unsigned char *caps,
size_t caplen, size_t caplen,
uint32_t *cversion) uint32_t *cversion)
@ -90,6 +95,7 @@ static void nk_set_capability_epilogue(const unsigned char *caps,
} }
if (capset(&hdr, (cap_user_data_t)&data) < 0) if (capset(&hdr, (cap_user_data_t)&data) < 0)
suicide("%s: capset failed: %s", __func__, strerror(errno)); suicide("%s: capset failed: %s", __func__, strerror(errno));
nk_set_no_new_privs();
} }
#else #else
static size_t nk_set_capability_prologue(const unsigned char *caps, static size_t nk_set_capability_prologue(const unsigned char *caps,
@ -102,16 +108,6 @@ static void nk_set_capability_epilogue(const unsigned char *caps,
{ (void)caps; (void)caplen; (void)cversion; (void)csize; } { (void)caps; (void)caplen; (void)cversion; (void)csize; }
#endif #endif
#ifdef NK_USE_NO_NEW_PRIVS
static void nk_set_no_new_privs(void)
{
if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0))
suicide("%s: prctl failed: %s", __func__, strerror(errno));
}
#else
static void nk_set_no_new_privs(void) {}
#endif
void nk_set_uidgid(uid_t uid, gid_t gid, const unsigned char *caps, void nk_set_uidgid(uid_t uid, gid_t gid, const unsigned char *caps,
size_t caplen) size_t caplen)
{ {
@ -137,7 +133,6 @@ void nk_set_uidgid(uid_t uid, gid_t gid, const unsigned char *caps,
suicide("%s: OS or libc broken; able to restore privs after drop", suicide("%s: OS or libc broken; able to restore privs after drop",
__func__); __func__);
nk_set_capability_epilogue(caps, caplen, cversion, csize); nk_set_capability_epilogue(caps, caplen, cversion, csize);
nk_set_no_new_privs();
} }
uid_t nk_uidgidbyname(const char *username, uid_t *uid, gid_t *gid) uid_t nk_uidgidbyname(const char *username, uid_t *uid, gid_t *gid)
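Review bot: With the call to nk_set_no_new_privs() now placed only after the capset() in nk_set_capability_epilogue(), a caller that passes an empty capset no longer gets PR_SET_NO_NEW_PRIVS at all, whereas before this commit nk_set_uidgid() applied it unconditionally on NK_USE_NO_NEW_PRIVS builds; the title says this narrowing is intended, but nothing a caller reads says so. Whether the epilogue skips the prctl for caplen == 0 cannot be confirmed here, because the top of nk_set_capability_epilogue() and the start of nk_set_uidgid() lie outside the hunks. A header comment on nk_set_uidgid() would make the contract explicit, e.g. `/* Drops to uid/gid. When caps is non-empty the capset is retained and PR_SET_NO_NEW_PRIVS is set, so a later execve cannot regain privilege via setuid bits or file capabilities; an empty capset leaves no_new_privs untouched. */`. A one-line why-comment above the prctl in nk_set_no_new_privs() is also worth adding, since the removed NK_USE_NO_NEW_PRIVS guard was the only hint that the flag needs Linux 3.5+ and that a failing prctl is fatal by design, e.g. `/* Linux >= 3.5; EINVAL on older kernels is treated as fatal. */`.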