author | Justus Winter <justus@gnupg.org> | 2016-04-25 14:40:15 +0200 |
---|---|---|
committer | Justus Winter <justus@gnupg.org> | 2016-04-25 14:40:15 +0200 |
commit | 77acab7aeaf1bf402afde12d38204b31979d3803 (patch) | |
tree | 89e9b2d7b643e1303891fbb63195ae0a358d3070 /debian/patches/fixes0002-libtrivfs-fix-notion-of-privileged-user.patch | |
parent | 1dc6afe8ee6508bc723f42c753103eba9d9dc2b4 (diff) |
add patch series
Diffstat (limited to 'debian/patches/fixes0002-libtrivfs-fix-notion-of-privileged-user.patch')
-rw-r--r-- | debian/patches/fixes0002-libtrivfs-fix-notion-of-privileged-user.patch | 108 |
1 files changed, 108 insertions, 0 deletions
diff --git a/debian/patches/fixes0002-libtrivfs-fix-notion-of-privileged-user.patch b/debian/patches/fixes0002-libtrivfs-fix-notion-of-privileged-user.patch
new file mode 100644
index 00000000..88ea44af
--- /dev/null
+++ b/debian/patches/fixes0002-libtrivfs-fix-notion-of-privileged-user.patch
@@ -0,0 +1,108 @@
+From e97dac57ce18693e0b6360af3a9377b48ab13ad2 Mon Sep 17 00:00:00 2001
+From: Justus Winter <justus@gnupg.org>
+Date: Mon, 25 Apr 2016 01:38:45 +0200
+Subject: [PATCH hurd 2/5] libtrivfs: fix notion of privileged user
+
+Set 'is_root' if the node has been opened by the root user (this was
+the old behavior) or if it has been opened by the user the translator
+is executing under.
+
+This fixes the irritating bug that an unprivileged user cannot control
+her own trivfs-based translators. It does not change how privileged
+trivfs translators work.
+
+* libtrivfs/io-reauthenticate.c (trivfs_S_io_reauthenticate): Use the
+new function to compute 'isroot'.
+* libtrivfs/io-restrict-auth.c (trivfs_S_io_restrict_auth): Likewise.
+* libtrivfs/open.c (trivfs_open): Likewise.
+* libtrivfs/priv.h (_is_privileged): New function.
+* libtrivfs/trivfs.h (struct peropen): Clarify what 'isroot' means.
+---
+ libtrivfs/io-reauthenticate.c | 3 +--
+ libtrivfs/io-restrict-auth.c | 4 +---
+ libtrivfs/open.c | 2 +-
+ libtrivfs/priv.h | 9 +++++++++
+ libtrivfs/trivfs.h | 3 ++-
+ 5 files changed, 14 insertions(+), 7 deletions(-)
+
+diff --git a/libtrivfs/io-reauthenticate.c b/libtrivfs/io-reauthenticate.c
+index 35775e5..72684e3 100644
+--- a/libtrivfs/io-reauthenticate.c
++++ b/libtrivfs/io-reauthenticate.c
+@@ -59,8 +59,7 @@ trivfs_S_io_reauthenticate (struct trivfs_protid *cred,
+ return err;
+
+ mach_port_deallocate (mach_task_self (), newright);
+- if (idvec_contains (newcred->user->uids, 0))
+- newcred->isroot = 1;
++ newcred->isroot = _is_privileged (newcred->user->uids);
+
+ newcred->hook = cred->hook;
+ newcred->po = cred->po;
+diff --git a/libtrivfs/io-restrict-auth.c b/libtrivfs/io-restrict-auth.c
+index cb4224d..6c807f1 100644
+--- a/libtrivfs/io-restrict-auth.c
++++ b/libtrivfs/io-restrict-auth.c
+@@ -109,11 +109,9 @@ trivfs_S_io_restrict_auth (struct trivfs_protid *cred,
+ return err;
+ }
+
+- newcred->isroot = 0;
+ newcred->po = cred->po;
+ refcount_ref (&newcred->po->refcnt);
+- if (cred->isroot && idvec_contains (user->uids, 0))
+- newcred->isroot = 1;
++ newcred->isroot = cred->isroot && _is_privileged (user->uids);
+ newcred->user = user;
+ newcred->hook = cred->hook;
+
+diff --git a/libtrivfs/open.c b/libtrivfs/open.c
+index 97e70a1..35a9452 100644
+--- a/libtrivfs/open.c
++++ b/libtrivfs/open.c
+@@ -56,7 +56,7 @@ trivfs_open (struct trivfs_control *cntl,
+ if (! err)
+ {
+ new->user = user;
+- new->isroot = idvec_contains (user->uids, 0);
++ new->isroot = _is_privileged (user->uids);
+
+ new->po = po;
+ new->hook = 0;
+diff --git a/libtrivfs/priv.h b/libtrivfs/priv.h
+index d92fe33..4bdd4f7 100644
+--- a/libtrivfs/priv.h
++++ b/libtrivfs/priv.h
+@@ -21,6 +21,15 @@
+ #include <mach.h>
+ #include <hurd.h>
+ #include <hurd/ports.h>
++#include <idvec.h>
++#include <unistd.h>
+ #include "trivfs.h"
+
++/* Returns true if UIDS contains either 0 or our user id. */
++static inline int
++_is_privileged (struct idvec *uids)
++{
++ return idvec_contains (uids, 0) || idvec_contains (uids, getuid ());
++}
++
+ #endif
+diff --git a/libtrivfs/trivfs.h b/libtrivfs/trivfs.h
+index d81c4f9..49cc765 100644
+--- a/libtrivfs/trivfs.h
++++ b/libtrivfs/trivfs.h
+@@ -30,7 +30,8 @@ struct trivfs_protid
+ {
+ struct port_info pi;
+ struct iouser *user;
+- int isroot;
++ int isroot; /* Opened by a privileged user, either
++ root or our own user. */
+ /* REALNODE will be null if this protid wasn't fully created (currently
+ only in the case where trivfs_protid_create_hook returns an error). */
+ mach_port_t realnode; /* restricted permissions */
+--
+2.1.4
+ |
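Review bot: In the libtrivfs/priv.h part of the added patch, `_is_privileged` passes the result of `getuid ()` straight into `idvec_contains` without checking it. If getuid can fail in the translator's environment (for example when the process holds no uids; worth confirming against the Hurd libc), the value `(uid_t) -1` would be compared against the caller's ids and a match would set `isroot`. I would guard it with `uid_t self = getuid ();` followed by `return idvec_contains (uids, 0) || (self != (uid_t) -1 && idvec_contains (uids, self));`. The helper's comment should also say that "our user id" is the translator's real uid as returned by getuid, because every consumer of `isroot` in open.c, io-reauthenticate.c and io-restrict-auth.c now extends root-level control to that uid as well.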