diff options
| author | Roy Marples <roy@marples.name> | 2020-05-21 18:28:27 +0100 |
|---|---|---|
| committer | Roy Marples <roy@marples.name> | 2020-05-21 18:28:27 +0100 |
| commit | b06b1423c89de4014e075a58239841b4e1028b77 (patch) | |
| tree | 5ab4a83fffe2351057cb73d1e55e78b70f9e02d2 /src/privsep-root.c | |
| parent | 79db244442f6d77b3031a277d4fa536d7a84860d (diff) | |
| download | dhcpcd-b06b1423c89de4014e075a58239841b4e1028b77.tar.xz | |
dhcpcd: Move the script file from per interface to global context
This *should* affect no-one, but you never know.
The primary motivation for this is to ensure that nothing arbitary
can be executed by the root process if anyone breaks into the
chrooted unprivileged master process.
It also makes for smaller code.
Diffstat (limited to 'src/privsep-root.c')
| -rw-r--r-- | src/privsep-root.c | 56 |
1 files changed, 4 insertions, 52 deletions
diff --git a/src/privsep-root.c b/src/privsep-root.c index 36e1ec1a..716a55c4 100644 --- a/src/privsep-root.c +++ b/src/privsep-root.c @@ -259,34 +259,13 @@ static ssize_t ps_root_run_script(struct dhcpcd_ctx *ctx, const void *data, size_t len) { const char *envbuf = data; - char * const argv[] = { UNCONST(data), NULL }; + char * const argv[] = { ctx->script, NULL }; pid_t pid; int status; -#ifdef PRIVSEP_DEBUG - logdebugx("%s: IN %zu", __func__, len); -#endif - if (len == 0) return 0; - /* Script is the first one, find the environment buffer. */ - while (*envbuf != '\0') { - if (len == 0) - return EINVAL; - envbuf++; - len--; - } - - if (len != 0) { - envbuf++; - len--; - } - -#ifdef PRIVSEP_DEBUG - logdebugx("%s: run script: %s", __func__, argv[0]); -#endif - if (script_buftoenv(ctx, UNCONST(envbuf), len) == NULL) return -1; @@ -678,39 +657,12 @@ ps_root_stop(struct dhcpcd_ctx *ctx) } ssize_t -ps_root_script(const struct interface *ifp, const void *data, size_t len) +ps_root_script(struct dhcpcd_ctx *ctx, const void *data, size_t len) { - char buf[PS_BUFLEN], *p = buf; - size_t blen = PS_BUFLEN, slen = strlen(ifp->options->script) + 1; - -#ifdef PRIVSEP_DEBUG - logdebugx("%s: sending script: %zu %s len %zu", - __func__, slen, ifp->options->script, len); -#endif - if (slen > blen) { - errno = ENOBUFS; + if (ps_sendcmd(ctx, ctx->ps_root_fd, PS_SCRIPT, 0, data, len) == -1) return -1; - } - memcpy(p, ifp->options->script, slen); - p += slen; - blen -= slen; - - if (len > blen) { - errno = ENOBUFS; - return -1; - } - memcpy(p, data, len); - -#ifdef PRIVSEP_DEBUG - logdebugx("%s: sending script data: %zu", __func__, slen + len); -#endif - - if (ps_sendcmd(ifp->ctx, ifp->ctx->ps_root_fd, PS_SCRIPT, 0, - buf, slen + len) == -1) - return -1; - - return ps_root_readerror(ifp->ctx, NULL, 0); + return ps_root_readerror(ctx, NULL, 0); } ssize_t |