saned can now drop privileges when running in standalone mode.

merge-requests/1/head
Julien BLACHE 2008-04-10 16:55:36 +00:00
rodzic cbb3833dbe
commit 90a1c88e0d
3 zmienionych plików z 43 dodań i 9 usunięć


@ -1,7 +1,9 @@
2008-04-10 Julien Blache <jb@jblache.org> 2008-04-10 Julien Blache <jb@jblache.org>
* frontend/saned.c: do not use daemon(), as it's a 4.4BSD/glibc * frontend/saned.c: do not use daemon(), as it's a 4.4BSD/glibc
function; OS/2 for instance does not have it. Use an open-coded function; OS/2 for instance does not have it. Use an open-coded
equivalent. Add a PID file. equivalent. Add a PID file. saned -a username now drops privileges
and runs as the given user (and group).
* doc/saned.man: document -a username.
2008-04-06 Nicolas Martin <nicols-guest at users.alioth.debian.org> 2008-04-06 Nicolas Martin <nicols-guest at users.alioth.debian.org>
* backend/pixma_mp150.c: * backend/pixma_mp150.c:


@ -1,10 +1,12 @@
.TH saned 8 "6 April 2008" "@PACKAGEVERSION@" "SANE Scanner Access Now Easy" .TH saned 8 "10 April 2008" "@PACKAGEVERSION@" "SANE Scanner Access Now Easy"
.IX saned .IX saned
.SH NAME .SH NAME
saned \- SANE network daemon saned \- SANE network daemon
.SH SYNOPSIS .SH SYNOPSIS
.B saned .B saned
.B [ -a | -d .B [ -a
.I [ username ]
.B | -d
.I [ n ] .I [ n ]
.B | -s .B | -s
.I [ n ] .I [ n ]
@ -26,7 +28,13 @@ client connections;
.B inetd .B inetd
is not required for is not required for
.B saned .B saned
operations in this mode. operations in this mode. If the optional
.B username
is given after
.B -a
,
.B saned
will drop root privileges and run as this user (and group).
.PP .PP
The The
.B -d .B -d


@ -78,6 +78,8 @@
#include <sys/wait.h> #include <sys/wait.h>
#include <pwd.h>
#if defined(HAVE_SYS_POLL_H) && defined(HAVE_POLL) #if defined(HAVE_SYS_POLL_H) && defined(HAVE_POLL)
# include <sys/poll.h> # include <sys/poll.h>
#else #else
@ -2446,16 +2448,29 @@ run_standalone (int argc, char **argv)
int i; int i;
int ret; int ret;
uid_t runas_uid = -1;
gid_t runas_gid = -1;
struct passwd *pwent;
FILE *pidfile; FILE *pidfile;
/* Unused in this function */
argc = argc;
argv = argv;
do_bindings (&nfds, &fds); do_bindings (&nfds, &fds);
if (run_mode != SANED_RUN_DEBUG) if (run_mode != SANED_RUN_DEBUG)
{ {
if (argc > 2)
{
pwent = getpwnam(argv[2]);
if (pwent == NULL)
{
DBG (DBG_ERR, "FATAL ERROR: user %s not found on system\n", argv[2]);
bail_out (1);
}
runas_uid = pwent->pw_uid;
runas_gid = pwent->pw_gid;
}
DBG (DBG_MSG, "run_standalone: daemonizing now\n"); DBG (DBG_MSG, "run_standalone: daemonizing now\n");
fd = open ("/dev/null", O_RDWR); fd = open ("/dev/null", O_RDWR);
@ -2498,6 +2513,15 @@ run_standalone (int argc, char **argv)
setsid (); setsid ();
/* Drop privileges if requested */
if (runas_uid > 0)
{
seteuid (runas_uid);
setegid (runas_gid);
DBG (DBG_WARN, "Dropped privileges to uid %d gid %d\n", runas_uid, runas_gid);
}
signal(SIGINT, sig_int_term_handler); signal(SIGINT, sig_int_term_handler);
signal(SIGTERM, sig_int_term_handler); signal(SIGTERM, sig_int_term_handler);
} }
@ -2611,7 +2635,7 @@ main (int argc, char *argv[])
numchildren = 0; numchildren = 0;
run_mode = SANED_RUN_INETD; run_mode = SANED_RUN_INETD;
if (argc == 2) if (argc >= 2)
{ {
if (strncmp (argv[1], "-a", 2) == 0) if (strncmp (argv[1], "-a", 2) == 0)
run_mode = SANED_RUN_ALONE; run_mode = SANED_RUN_ALONE;
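Review bot: The privilege drop added after `setsid ()` in run_standalone is not permanent and probably leaves the group unchanged: `seteuid`/`setegid` alter only the effective IDs, so the saved uid stays root and can be restored, and because `seteuid` runs first, the following `setegid` is issued without privilege and will normally fail, with neither return value checked. Supplementary groups inherited from root are left in place as well, and the `runas_uid > 0` guard is true for the `-1` sentinel wherever `uid_t` is unsigned, so the "Dropped privileges" message can be logged even when no username was given. I would drop the supplementary groups first, then the gid, then the uid with `setgid`/`setuid`, check every return and bail out on failure, as sketched below; `initgroups` needs `<grp.h>` and a configure check on platforms that lack it. run_standalone starts and ends outside these hunks.

```c
      setsid ();

      /* Drop privileges if requested: supplementary groups and gid first, uid last */
      if (runas_uid != (uid_t) -1 && runas_uid != 0)
        {
          if (initgroups (argv[2], runas_gid) != 0
              || setgid (runas_gid) != 0
              || setuid (runas_uid) != 0)
            {
              DBG (DBG_ERR, "FATAL ERROR: could not drop privileges\n");
              bail_out (1);
            }
          DBG (DBG_WARN, "Dropped privileges to uid %lu gid %lu\n",
               (unsigned long) runas_uid, (unsigned long) runas_gid);
        }
      /* … unchanged: signal handler setup … */
```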