removed djumbai_send group
parent
15ab32dc48
commit
b29258a2e9
2 changed files with 39 additions and 11 deletions
src
|
@ -9,8 +9,12 @@
|
|||
|
||||
int main() {
|
||||
// Change the root of the process so it doesn't have access to anything else.
|
||||
chroot("/opt/djumbai/");
|
||||
const char *message_queue_path = "/opt/djumbai/fifos/message_queue";
|
||||
|
||||
chdir("/opt/djumbai/");
|
||||
if (chroot("/opt/djumbai/") != 0) {
|
||||
perror("chroot /opt/djumbai");
|
||||
return 1;
|
||||
const char *message_queue_path = "fifos/message_queue";
|
||||
|
||||
if (access(message_queue_path, F_OK) != -1) {
|
||||
// FIFO exists, delete it
|
||||
|
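Review bot: The new `chdir("/opt/djumbai/");` ignores its return value, so if it fails while the checked `chroot` that follows succeeds, the working directory stays outside the new root and the now-relative `fifos/message_queue` resolves against that directory instead of the jail. Check it like the chroot call, e.g. `if (chdir("/opt/djumbai/") != 0) { perror("chdir /opt/djumbai"); return 1; }`, or add `chdir("/")` immediately after a successful chroot. The hunk shows no privilege drop after the chroot; if none happens later in main, the jail confines little, since a root process can leave a chroot. main's body continues outside this hunk.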
|
|
@ -1,19 +1,38 @@
|
|||
#include "../../libs/communication/communication.h"
|
||||
#include "../../libs/protocol/protocol.h"
|
||||
#include <errno.h>
|
||||
#include <sys/wait.h>
|
||||
#include <fcntl.h>
|
||||
#include <pwd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <sys/stat.h>
|
||||
#include <sys/wait.h>
|
||||
#include <unistd.h>
|
||||
|
||||
int main() {
|
||||
// Get the UID of the djumbaid user.
|
||||
const char *djumbaid_username = "djumbaid";
|
||||
|
||||
// Open the FIFO for writing
|
||||
chroot("/opt/djumbai/");
|
||||
const char *send_fifo_path = "/opt/djumbai/fifos/send_fifo";
|
||||
struct passwd *pw = getpwnam(djumbaid_username);
|
||||
if (pw == NULL) {
|
||||
fprintf(stderr, "User %s not found\n", djumbaid_username);
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
|
||||
//Store previous UID
|
||||
uid_t original_euid = geteuid();
|
||||
// Set UID to djumbaid
|
||||
if (seteuid(pw->pw_uid) == -1) {
|
||||
perror("setuid");
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
|
||||
chdir("/opt/djumbai/");
|
||||
if (chroot("/opt/djumbai/") != 0) {
|
||||
perror("chroot /opt/djumbai");
|
||||
return 1;
|
||||
}
|
||||
const char *send_fifo_path = "fifos/send_fifo";
|
||||
if (access(send_fifo_path, F_OK) != -1) {
|
||||
// FIFO exists, delete it
|
||||
if (unlink(send_fifo_path) == -1) {
|
||||
|
@ -24,7 +43,7 @@ int main() {
|
|||
}
|
||||
|
||||
// Open the FIFO for reading
|
||||
if (mkfifo(send_fifo_path, 0420) == -1) {
|
||||
if (mkfifo(send_fifo_path, 0600) == -1) {
|
||||
perror("mkfifo");
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
|
@ -41,6 +60,11 @@ int main() {
|
|||
return 1;
|
||||
}
|
||||
}
|
||||
//Restore previous UID
|
||||
if (seteuid(original_euid) == -1) {
|
||||
perror("Restore original euid");
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
|
||||
while (1) {
|
||||
// Read message from the send_fifo
|
||||
|
@ -77,20 +101,20 @@ int main() {
|
|||
exit(EXIT_FAILURE);
|
||||
}
|
||||
// Set UID to nobody
|
||||
if (setuid(pw->pw_uid) == -1) {
|
||||
if (seteuid(pw->pw_uid) == -1) {
|
||||
perror("setuid");
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
|
||||
// Set gid to receiver
|
||||
if (setgid(msg.header.receiver) == -1) {
|
||||
if (setegid(msg.header.receiver) == -1) {
|
||||
perror("setgid");
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
} else {
|
||||
// Message receiver is a user
|
||||
// Change UID receiver
|
||||
if (setuid(msg.header.receiver) == -1) {
|
||||
if (seteuid(msg.header.receiver) == -1) {
|
||||
perror("setuid");
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
|
@ -101,7 +125,7 @@ int main() {
|
|||
exit(EXIT_FAILURE);
|
||||
}
|
||||
|
||||
if (setgid(pw->pw_gid) == -1) {
|
||||
if (setegid(pw->pw_gid) == -1) {
|
||||
perror("setgid");
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
|
|
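Review bot: Several privileged calls now run after the effective UID has already been lowered, so they are likely to fail with EPERM: in the first hunk `seteuid(pw->pw_uid)` precedes `chroot("/opt/djumbai/")`, and in both delivery branches `seteuid(...)` precedes `setegid(...)`. Assuming the process starts as root, move the chdir/chroot pair ahead of the first seteuid (checking chdir's return value as well) and change the group before the user in each delivery branch. Switching from `setuid`/`setgid` to `seteuid`/`setegid` in the delivery path also leaves the real and saved IDs untouched, so code running as the receiver can switch back to the original identity; if that path runs in a forked child (not visible here), a permanent drop in the order `setgroups(0, NULL)`, `setgid(gid)`, `setuid(uid)` is the safer form. The `perror("setuid")` and `perror("setgid")` labels no longer name the calls that failed. main's body extends beyond these hunks.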