Menu
▾
▴
squirrelmail-imapproxy
|
From: Shawn L. <sh...@ch...> - 2013-08-25 02:57:00
|
from prctl(2):
With no_new_privs set to 1, execve(2) promises not to grant
privileges to do anything that could not have been done without
the execve(2) call (for example, rendering the set-user-ID and
set-group-ID permission bits, and file capabilities non-func‐
tional). Once set, this bit cannot be unset. The setting of
this bit is inherited by children created by fork(2) and
clone(2), and preserved across execve(2).
---
include/imapproxy.h | 3 +++
src/becomenonroot.c | 16 +++++++++++++++-
2 files changed, 18 insertions(+), 1 deletion(-)
diff --git a/include/imapproxy.h b/include/imapproxy.h
index ce0b13b..aa090c4 100644
--- a/include/imapproxy.h
+++ b/include/imapproxy.h
@@ -152,6 +152,9 @@
#include <limits.h>
#endif
+#ifndef PR_SET_NO_NEW_PRIVS
+#define PR_SET_NO_NEW_PRIVS 38
+#endif
/*
* Common definitions
diff --git a/src/becomenonroot.c b/src/becomenonroot.c
index f19a9fb..7399ba8 100644
--- a/src/becomenonroot.c
+++ b/src/becomenonroot.c
@@ -57,6 +57,9 @@
#if HAVE_UNISTD_H
#include <unistd.h>
#endif
+#ifdef __linux__
+#include <sys/prctl.h>
+#endif
#include "imapproxy.h"
@@ -185,7 +188,18 @@ extern int BecomeNonRoot( void )
newuid, strerror(errno));
return(-1);
}
-
+
+#ifdef __linux__
+ if ( prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) < 0)
+ {
+ syslog( LOG_WARNING, "%s: prctl(PR_SET_NO_NEW_PRIVS, 1) failed: %s", fn,
+ strerror(errno));
+ if ( errno == EINVAL )
+ syslog( LOG_INFO, "%s: Perhaps kernel too old (<3.5)", fn);
+ } else
+ syslog( LOG_INFO, "%s: enabled no_new_privs", fn)
+#endif
+
return(0);
}
--
1.8.4.rc3
|
|
From: Paul L. <pa...@sq...> - 2013-08-25 03:30:43
|
Hi Shawn,
On Sat, Aug 24, 2013 at 7:56 PM, Shawn Landden <sh...@ch...> wrote:
> from prctl(2):
>
> With no_new_privs set to 1, execve(2) promises not to grant
> privileges to do anything that could not have been done without
> the execve(2) call (for example, rendering the set-user-ID and
> set-group-ID permission bits, and file capabilities non-func‐
> tional). Once set, this bit cannot be unset. The setting of
> this bit is inherited by children created by fork(2) and
> clone(2), and preserved across execve(2).
This is a great idea, and we really appreciate you providing the patch
ready to go. Is this version any different than what you sent to the
squirrelmail-devel list yesterday?
> ---
> include/imapproxy.h | 3 +++
> src/becomenonroot.c | 16 +++++++++++++++-
> 2 files changed, 18 insertions(+), 1 deletion(-)
>
> diff --git a/include/imapproxy.h b/include/imapproxy.h
> index ce0b13b..aa090c4 100644
> --- a/include/imapproxy.h
> +++ b/include/imapproxy.h
> @@ -152,6 +152,9 @@
> #include <limits.h>
> #endif
>
> +#ifndef PR_SET_NO_NEW_PRIVS
> +#define PR_SET_NO_NEW_PRIVS 38
> +#endif
>
> /*
> * Common definitions
> diff --git a/src/becomenonroot.c b/src/becomenonroot.c
> index f19a9fb..7399ba8 100644
> --- a/src/becomenonroot.c
> +++ b/src/becomenonroot.c
> @@ -57,6 +57,9 @@
> #if HAVE_UNISTD_H
> #include <unistd.h>
> #endif
> +#ifdef __linux__
> +#include <sys/prctl.h>
> +#endif
>
> #include "imapproxy.h"
>
> @@ -185,7 +188,18 @@ extern int BecomeNonRoot( void )
> newuid, strerror(errno));
> return(-1);
> }
> -
> +
> +#ifdef __linux__
> + if ( prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) < 0)
> + {
> + syslog( LOG_WARNING, "%s: prctl(PR_SET_NO_NEW_PRIVS, 1) failed: %s", fn,
> + strerror(errno));
> + if ( errno == EINVAL )
> + syslog( LOG_INFO, "%s: Perhaps kernel too old (<3.5)", fn);
> + } else
> + syslog( LOG_INFO, "%s: enabled no_new_privs", fn)
> +#endif
> +
> return(0);
> }
>
> --
> 1.8.4.rc3
>
>
> ------------------------------------------------------------------------------
> Introducing Performance Central, a new site from SourceForge and
> AppDynamics. Performance Central is your source for news, insights,
> analysis and resources for efficient Application Performance Management.
> Visit us today!
> http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk
> -----
> squirrelmail-imapproxy mailing list
> Posting guidelines: http://squirrelmail.org/postingguidelines
> List address: squ...@li...
> List archives: http://news.gmane.org/gmane.mail.squirrelmail.imapproxy
> List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-imapproxy
--
Paul Lesniewski
SquirrelMail Team
Please support Open Source Software by donating to SquirrelMail!
http://squirrelmail.org/donate_paul_lesniewski.php
|
|
From: Shawn L. <sh...@ch...> - 2013-08-25 17:37:38
|
From: "Paul Lesniewski"
On Sat, Aug 24, 2013 at 7:56 PM, Shawn Landden wrote:
This is a great idea, and we really appreciate you providing the patch
ready to go. Is this version any different than what you sent to the
squirrelmail-devel list yesterday?
I changed the error message to say which version the feature appeared in (Linux 3.5)
---
include/imapproxy.h | 3 +++
src/becomenonroot.c | 16 +++++++++++++++-
2 files changed, 18 insertions(+), 1 deletion(-)
diff --git a/include/imapproxy.h b/include/imapproxy.h
index ce0b13b..aa090c4 100644
--- a/include/imapproxy.h
+++ b/include/imapproxy.h
@@ -152,6 +152,9 @@
#include
#endif
+#ifndef PR_SET_NO_NEW_PRIVS
+#define PR_SET_NO_NEW_PRIVS 38
+#endif
/*
* Common definitions
diff --git a/src/becomenonroot.c b/src/becomenonroot.c
index f19a9fb..7399ba8 100644
--- a/src/becomenonroot.c
+++ b/src/becomenonroot.c
@@ -57,6 +57,9 @@
#if HAVE_UNISTD_H
#include
#endif
+#ifdef __linux__
+#include
+#endif
#include "imapproxy.h"
@@ -185,7 +188,18 @@ extern int BecomeNonRoot( void )
newuid, strerror(errno));
return(-1);
}
-
+
+#ifdef __linux__
+ if ( prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) < 0)
+ {
+ syslog( LOG_WARNING, "%s: prctl(PR_SET_NO_NEW_PRIVS, 1) failed: %s", fn,
+ strerror(errno));
+ if ( errno == EINVAL )
+ syslog( LOG_INFO, "%s: Perhaps kernel too old (
|
|
From: Paul L. <pa...@sq...> - 2016-09-14 02:02:41
|
Shawn,
Sorry for the delay. This has been added.
Thank you!
On 2013年08月24日 19:56, Shawn Landden wrote:
> from prctl(2):
>
> With no_new_privs set to 1, execve(2) promises not to grant
> privileges to do anything that could not have been done without
> the execve(2) call (for example, rendering the set-user-ID and
> set-group-ID permission bits, and file capabilities non-func‐
> tional). Once set, this bit cannot be unset. The setting of
> this bit is inherited by children created by fork(2) and
> clone(2), and preserved across execve(2).
> ---
> include/imapproxy.h | 3 +++
> src/becomenonroot.c | 16 +++++++++++++++-
> 2 files changed, 18 insertions(+), 1 deletion(-)
>
> diff --git a/include/imapproxy.h b/include/imapproxy.h
> index ce0b13b..aa090c4 100644
> --- a/include/imapproxy.h
> +++ b/include/imapproxy.h
> @@ -152,6 +152,9 @@
> #include <limits.h>
> #endif
>
> +#ifndef PR_SET_NO_NEW_PRIVS
> +#define PR_SET_NO_NEW_PRIVS 38
> +#endif
>
> /*
> * Common definitions
> diff --git a/src/becomenonroot.c b/src/becomenonroot.c
> index f19a9fb..7399ba8 100644
> --- a/src/becomenonroot.c
> +++ b/src/becomenonroot.c
> @@ -57,6 +57,9 @@
> #if HAVE_UNISTD_H
> #include <unistd.h>
> #endif
> +#ifdef __linux__
> +#include <sys/prctl.h>
> +#endif
>
> #include "imapproxy.h"
>
> @@ -185,7 +188,18 @@ extern int BecomeNonRoot( void )
> newuid, strerror(errno));
> return(-1);
> }
> -
> +
> +#ifdef __linux__
> + if ( prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) < 0)
> + {
> + syslog( LOG_WARNING, "%s: prctl(PR_SET_NO_NEW_PRIVS, 1) failed: %s", fn,
> + strerror(errno));
> + if ( errno == EINVAL )
> + syslog( LOG_INFO, "%s: Perhaps kernel too old (<3.5)", fn);
> + } else
> + syslog( LOG_INFO, "%s: enabled no_new_privs", fn)
> +#endif
> +
> return(0);
> }
>
>
--
Paul Lesniewski
SquirrelMail Team
Please support Open Source Software by donating to SquirrelMail!
http://squirrelmail.org/donate_paul_lesniewski.php
|
Thanks for helping keep SourceForge clean.
X