Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:lnussel:fscaps
iputils
iputils-s20101006-capabilities.diff
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File iputils-s20101006-capabilities.diff of Package iputils
From 584838c9d4a496c4329e4c9a3d35520db00abb99 Mon Sep 17 00:00:00 2001 From: Ludwig Nussel <ludwig.nussel@suse.de> Date: Wed, 3 Nov 2010 17:43:42 +0100 Subject: [PATCH iputils] drop capabilities dropping capabilities makes sure that ping also gets rid of privileges gained via fscaps. Capabilities are also dropped when called as root so the running ping process has no special privileges anymore at all even in that case. Capabilities need to be dropped after setuid() otherwise a setuid ping would not have the privileges to drop root privileges anymore! --- Makefile | 6 ++++++ ping.c | 16 ++++++++++++++++ ping6.c | 16 ++++++++++++++++ 3 files changed, 38 insertions(+), 0 deletions(-) diff --git a/Makefile b/Makefile index d9a5ca5..6629ebf 100644 --- a/Makefile +++ b/Makefile @@ -6,6 +6,12 @@ DEFINES= #options if you have a bind>=4.9.4 libresolv (or, maybe, glibc) LDLIBS= ADDLIB= +CAPABILITIES= + +ifeq ($(CAPABILITIES),1) +DEFINES += -DHAVE_CAPABILITIES +LDLIBS += -lcap +endif #options if you compile with libc5, and without a bind>=4.9.4 libresolv # NOT AVAILABLE. Please, use libresolv. diff --git a/ping.c b/ping.c index eacb29d..fa91163 100644 --- a/ping.c +++ b/ping.c @@ -62,6 +62,9 @@ char copyright[] = #include <netinet/ip.h> #include <netinet/ip_icmp.h> +#ifdef HAVE_CAPABILITIES +#include <sys/capability.h> +#endif #ifndef ICMP_FILTER #define ICMP_FILTER 1 @@ -122,6 +125,9 @@ main(int argc, char **argv) u_char *packet; char *target, hnamebuf[MAX_HOSTNAMELEN]; char rspace[3 + 4 * NROUTES + 1]; /* record route space */ +#ifdef HAVE_CAPABILITIES + cap_t caps; +#endif icmp_sock = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP); socket_errno = errno; @@ -132,6 +138,16 @@ main(int argc, char **argv) exit(-1); } +#ifdef HAVE_CAPABILITIES + /* drop all capabilities unconditionally so even root isn't special anymore */ + caps = cap_init(); + if (cap_set_proc(caps) < 0) { + perror("ping: cap_set_proc"); + exit(-1); + } + cap_free(caps); +#endif + source.sin_family = AF_INET; preload = 1; diff --git a/ping6.c b/ping6.c index c5ff881..bfc0769 100644 --- a/ping6.c +++ b/ping6.c @@ -72,6 +72,9 @@ char copyright[] = #include <netinet/ip6.h> #include <netinet/icmp6.h> #include <resolv.h> +#ifdef HAVE_CAPABILITIES +#include <sys/capability.h> +#endif #include "ping6_niquery.h" @@ -528,6 +531,9 @@ int main(int argc, char *argv[]) int csum_offset, sz_opt; #endif static uint32_t scope_id = 0; +#ifdef HAVE_CAPABILITIES + cap_t caps; +#endif icmp_sock = socket(AF_INET6, SOCK_RAW, IPPROTO_ICMPV6); socket_errno = errno; @@ -538,6 +544,16 @@ int main(int argc, char *argv[]) exit(-1); } +#ifdef HAVE_CAPABILITIES + /* drop all capabilities unconditionally so even root isn't special anymore */ + caps = cap_init(); + if (cap_set_proc(caps) < 0) { + perror("ping: cap_set_proc"); + exit(-1); + } + cap_free(caps); +#endif + source.sin6_family = AF_INET6; memset(&firsthop, 0, sizeof(firsthop)); firsthop.sin6_family = AF_INET6; -- 1.7.1
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor