From: Mike K. <mi...@pa...> - 2012-02-17 18:24:33
|
otherwise, other local users could change the mapping, and gain access to things they shouldn't --- sshfs.c | 16 ++++++++++++++++ 1 files changed, 16 insertions(+), 0 deletions(-) diff --git a/sshfs.c b/sshfs.c index 7afbd87..ed9652c 100644 --- a/sshfs.c +++ b/sshfs.c @@ -3561,6 +3561,7 @@ static void read_id_map(char *file, uint32_t *(*map_fn)(char *), FILE *fp; char line[LINE_MAX]; unsigned int lineno = 0; + uid_t local_uid = getuid(); fp = fopen(file, "r"); if (fp == NULL) { @@ -3568,6 +3569,21 @@ static void read_id_map(char *file, uint32_t *(*map_fn)(char *), file, strerror(errno)); exit(1); } + struct stat st; + if (fstat(fileno(fp), &st) == -1) { + fprintf(stderr, "failed to stat '%s': %s\n", file, + strerror(errno)); + exit(1); + } + if (st.st_uid != local_uid) { + fprintf(stderr, "'%s' is not owned by uid %lu\n", file, + (unsigned long)local_uid); + exit(1); + } + if (st.st_mode & (S_IWGRP | S_IWOTH)) { + fprintf(stderr, "'%s' is writable by other users\n", file); + exit(1); + } while (fgets(line, LINE_MAX, fp) != NULL) { lineno++; -- 1.7.9 |