#include "caps.h"
void pa_drop_root(void) {
- if (getuid() != 0 && geteuid() == 0) {
- pa_log(__FILE__": Started SUID root, dropping root rights.\n");
- setuid(getuid());
- seteuid(getuid());
- }
+ uid_t uid = getuid();
+
+ if (uid == 0 || geteuid() != 0)
+ return;
+
+ pa_log(__FILE__": dropping root rights.\n");
+
+ setuid(uid);
+ seteuid(uid);
}
#ifdef HAVE_SYS_CAPABILITY_H
+
int pa_limit_caps(void) {
int r = -1;
cap_t caps;
assert(caps);
cap_clear(caps);
+
cap_set_flag(caps, CAP_EFFECTIVE, 1, &nice_cap, CAP_SET);
cap_set_flag(caps, CAP_PERMITTED, 1, &nice_cap, CAP_SET);
if (cap_set_proc(caps) < 0)
goto fail;
- pa_log(__FILE__": Started SUID root, capabilities limited.\n");
-
+ pa_log(__FILE__": dropped capabilities successfully.\n");
+
r = 0;
fail:
cap_clear(caps);
- if (cap_set_proc(caps) < 0)
+ if (cap_set_proc(caps) < 0) {
+ pa_log(__FILE__": failed to drop capabilities: %s\n", strerror(errno));
goto fail;
-
- pa_drop_root();
+ }
r = 0;
#include "dumpmodules.h"
#include "caps.h"
-static struct pa_mainloop *mainloop;
-
static void signal_callback(struct pa_mainloop_api*m, struct pa_signal_event *e, int sig, void *userdata) {
pa_log(__FILE__": Got signal %s.\n", pa_strsignal(sig));
struct pa_core *c;
struct pa_strbuf *buf = NULL;
struct pa_daemon_conf *conf;
+ struct pa_mainloop *mainloop;
+
char *s;
int r, retval = 1, d = 0;
int daemon_pipe[2] = { -1, -1 };
+ gid_t gid = (gid_t) -1;
+ int suid_root;
pa_limit_caps();
+
+ suid_root = getuid() != 0 && geteuid() == 0;
+
+ if (suid_root && (pa_uid_in_group("realtime", &gid) <= 0 || gid >= 1000)) {
+ pa_log(__FILE__": WARNING: called SUID root, but not in group 'realtime'.\n");
+ pa_drop_root();
+ }
r = lt_dlinit();
assert(r == 0);
pa_log_set_ident("polypaudio");
-
+
conf = pa_daemon_conf_new();
-
+
if (pa_daemon_conf_load(conf, NULL) < 0)
goto finish;
-
+
if (pa_daemon_conf_env(conf) < 0)
goto finish;
pa_log(__FILE__": failed to parse command line.\n");
goto finish;
}
-
+
pa_log_set_target(conf->auto_log_target ? PA_LOG_STDERR : conf->log_target, NULL);
if (conf->high_priority && conf->cmd == PA_CMD_DAEMON)
pa_raise_priority();
-
+
pa_drop_caps();
+
+ if (suid_root)
+ pa_drop_root();
if (conf->dl_search_path)
lt_dlsetsearchpath(conf->dl_search_path);
#include <sched.h>
#include <sys/resource.h>
#include <limits.h>
-#include <sys/stat.h>
-#include <sys/types.h>
-#include <sys/stat.h>
#include <unistd.h>
-
+#include <grp.h>
#include <samplerate.h>
else
return -1;
}
+
+static int is_group(gid_t gid, const char *name) {
+ struct group group, *result = NULL;
+ long n = sysconf(_SC_GETGR_R_SIZE_MAX);
+ void *data;
+ int r = -1;
+
+ assert(n > 0);
+ data = pa_xmalloc(n);
+
+ if (getgrgid_r(gid, &group, data, n, &result) < 0 || !result) {
+ pa_log(__FILE__ ": getgrgid_r(%u) failed: %s\n", gid, strerror(errno));
+ goto finish;
+ }
+
+
+ r = strcmp(name, result->gr_name) == 0;
+
+finish:
+ pa_xfree(data);
+
+ return r;
+}
+
+int pa_uid_in_group(const char *name, gid_t *gid) {
+ gid_t *gids, tgid;
+ long n = sysconf(_SC_NGROUPS_MAX);
+ int r = -1, i;
+
+ assert(n > 0);
+
+ gids = pa_xmalloc(sizeof(gid_t)*n);
+
+ if ((n = getgroups(n, gids)) < 0) {
+ pa_log(__FILE__": getgroups() failed: %s\n", strerror(errno));
+ goto finish;
+ }
+
+ for (i = 0; i < n; i++) {
+ if (is_group(gids[i], name) > 0) {
+ *gid = gids[i];
+ r = 1;
+ goto finish;
+ }
+ }
+
+ if (is_group(tgid = getgid(), name) > 0) {
+ *gid = tgid;
+ r = 1;
+ goto finish;
+ }
+
+ r = 0;
+
+finish:
+
+ pa_xfree(gids);
+ return r;
+}
int pa_parse_resample_method(const char *string);
+int pa_uid_in_group(const char *name, gid_t *gid);
#endif