~azzar1/unity/add-show-desktop-key

Viewing changes to trampoline/trampoline.c

Committer: drtomc
Date: 2008-01-30 21:05:02 UTC
Revision ID: svn-v3-trunk0:2b9c9e99-6f39-0410-b283-7f802c844ae2:trunk:337

Make trampoline use the path canonicalization code.
Add a makefile. This is only half a solution to the build issue, but it's
a start.

files added:
trampoline/Makefile

files modified:
trampoline/norm.c

trampoline/norm.h

trampoline/trampoline.c

Show diffs side-by-side

added added

removed removed

trampoline/trampoline.c

#include <unistd.h>

#include <sys/types.h>

#include <sys/stat.h>

#include <limits.h>

/* conf.h is admin-configured by the setup process.

* It defines jail_base.

124

125

int uid;

125

126

int arg_num = 1;

126

127

int daemon_mode = 0;

128

char canonical_jailpath[PATH_MAX];

127

129

128

130

/* Disallow execution from all users but the whitelisted ones, and root */

129

131

if (!uid_allowed(getuid()))

160

162

exit(1);

161

163

}

162

164

163

/* Jail path must:

164

* Be non-empty

165

* Start with a '/'

166

* Not contain "/.."

167

* Begin with jail_base

165

/* Jail path must be an absolute path,

166

* and it must begin with jail_base.

168

167

169

if (strlen(jailpath) < 1 || jailpath[0] != '/'

170

|| strstr(jailpath, "/..")

171

|| strncmp(jailpath, jail_base, strlen(jail_base)))

168

if (norm(canonical_jailpath, PATH_MAX, jailpath) != 0)

169

{

170

fprintf(stderr, "bad jail path: %s\n", jailpath);

171

exit(1);

172

}

173

if (strncmp(canonical_jailpath, jail_base, strlen(jail_base)))

172

174

{

173

175

fprintf(stderr, "bad jail path: %s\n", jailpath);

174

176

exit(1);

176

178

177

179

/* chroot into the jail.

178

180

* Henceforth this process, and its children, cannot see anything above

179

* jailpath. */

180

if (chroot(jailpath))

181

* canoncial_jailpath. */

182

if (chroot(canonical_jailpath))

181

183

{

182

184

perror("could not chroot");

183

185

exit(1);

Older »