[parisc-linux] Issues with seteuid()?

Joel Soete jsoe0708@tiscali.be
Wed, 29 Jan 2003 14:58:20 +0100 

Hi all,

Here is a 'small' test case which reproduce the problem on a sarge (ie testing)
debian (gcc-3.0_3.0.4-12; libc6_2.2.5-14.3) running very last kernel 2.4.20-pa23:

#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <errno.h>

/* getpid(), geteuid()  */
#include <sys/types.h>
#include <unistd.h>

/* setgroups() */
#include <grp.h>

/* mkdir() */
#include <sys/stat.h>
#define MAXPATHLEN 256

/* waitpid() */
#include <sys/wait.h>


char *effectiveUser="proxy";
uid_t effectiveUserID=13;
gid_t effectiveGroupID=13;

/* Define if you have the setgroups function.  */
#define HAVE_SETGROUPS 1

/*
 * Yay! Another Linux brokenness.  Its not good enough to know that
 * setresuid() exists, because RedHat 5.0 declare setresuid() but
 * doesn't implement it.
 */
#define HAVE_SETRESUID 1

#undef HAVE_SETRESUID
/*
 */

/*
man setresuid NOTES:
       Under  HP-UX  and  FreeBSD the prototype is found in <unistd.h>. 
Under
       Linux there is so far no include file giving the prototype - this
is  a
       glibc bug. Programs using this system call must add the prototype
them-
       selves.
*/
#ifdef HAVE_SETRESUID
int
setresuid(uid_t ruid, uid_t euid, uid_t suid);
#endif

/* Define if you have the seteuid function.  */
#define HAVE_SETEUID 1

/*
 * xstrerror() - strerror() wrapper
 */
const char *
xstrerror(void)
{
    static char xstrerror_buf[BUFSIZ];
    static char strerror_buf[BUFSIZ];

    snprintf(strerror_buf, BUFSIZ, "%s", strerror(errno));
   
    if (strerror_buf) 
	snprintf(xstrerror_buf, BUFSIZ, "(%d) %s", errno, strerror_buf);
    else
        snprintf(xstrerror_buf, BUFSIZ, "(%d) Unknown", errno); 
    return xstrerror_buf;
}

/* leave a privilegied section. (Give up any privilegies)
 * Routines that need privilegies can rap themselves in enter_suid()
 * and leave_suid()
 * To give upp all posibilites to gain privilegies use no_suid()
 */
void
leave_suid(void)
{
    fprintf(stderr, "leave_suid: PID %d called\n", (int) getpid());
    if (geteuid() != 0)
	return;
    /* Started as a root, check suid option */
    if (effectiveUser == NULL)
	return;
#if HAVE_SETGROUPS
    setgroups(1, &effectiveGroupID);
#endif
    if (setgid(effectiveGroupID) < 0)
	fprintf(stderr, "ALERT: setgid: %s\n", xstrerror());
    fprintf(stderr, "leave_suid: PID %d giving up root, becoming '%s'\n",
(int) getpid(), effectiveUser);
#if HAVE_SETRESUID
    if (setresuid(effectiveUserID, effectiveUserID, 0) < 0)
	fprintf(stderr, "ALERT: setresuid: %s\n", xstrerror());
#elif HAVE_SETEUID
    if (seteuid(effectiveUserID) < 0)
	fprintf(stderr, "ALERT: seteuid: %s\n", xstrerror());
#else
    if (setuid(effectiveUserID) < 0)
	fprintf(stderr, "ALERT: setuid: %s\n", xstrerror());
#endif
}

static void
setEffectiveUser(void)
{
    leave_suid();		/* Run as non privilegied user */
    if (geteuid() == 0) {
	fprintf(stderr, "Squid is not safe to run as root!  If you must\n");
	fprintf(stderr, "start Squid as root, then you must configure\n");
	fprintf(stderr, "it to run as a non-priveledged user with the\n");
	fprintf(stderr, "'cache_effective_user' option in the config file.\n");
	fprintf(stderr, "Don't run Squid as root, set 'cache_effective_user'!\n");
        abort();
    }
}

static int
storeUfsDirCreateDirectory(const char *path)
{
    int created = 0;

    if (0 != mkdir(path, 0755)) {
	fprintf(stderr,	"Failed to make swai directory %s: %s\n",
	    path, xstrerror());
    }
    return created;
}

static void
storeUfsDirCreateSwapSubDirs(char * Path)
{
    int i, k;
    static char name[MAXPATHLEN];
    for (i = 0; i < 16; i++) {
	snprintf(name, MAXPATHLEN, "%s/%02X", Path, i);
        storeUfsDirCreateDirectory(name);
	fprintf(stderr, "Making directories in %s\n", name);
	for (k = 0; k < 32; k++) {
	    snprintf(name, MAXPATHLEN, "%s/%02X/%02X", Path, i, k);
            storeUfsDirCreateDirectory(name);
	}
    }
}


static void
storeUfsDirNewfs(char * Path)
{
    fprintf(stderr, "Creating swap space in %s\n", Path);
    storeUfsDirCreateSwapSubDirs(Path);
}

void
storeCreateSwapDirectories(void)
{
    int i;
    pid_t pid;
    int status;
    for (i = 0; i < 1; i++) {
	if (fork())
	    continue;
        storeUfsDirNewfs("/var/spool/squid");
	exit(0);
    }
    do {
	pid = waitpid(-1, &status, 0);
    } while (pid > 0 || (pid < 0 && errno == EINTR));
}


int
main(int argc, char **argv)
{
    /* only opt_create_swap_dirs */

    setEffectiveUser();
    fprintf(stderr, "Creating Swap Directories\n");
    storeCreateSwapDirectories();

    return 0;
}

(rebuild from simplified parts of squid-2.5 src)

compile with: gcc -O 2 -Wall -D_REENTRANT file.c -o ct

[create a user and a group named proxy with id 13 both]

compile as it is it, it will failled immediately with 'Segmentation fault'

edit sources to comment out '#undef HAVE_SETRESUID' line, recompile with
same option and it would fork without problem (even thought it will failled
to actually create dir)

hth,
    Joel

PS: this test case doesn't present the same pb on an unstable debian (ie
compile with gcc-3.2_3.2.2-0pre6 & libc6_2.3.1-10). I try this on the same
kernel running each the two different install.



>-- Original Message --
>From: Luigi Gangitano <luigi@debian.org>
>To: parisc-linux@lists.parisc-linux.org
>Subject: [parisc-linux] Issues with seteuid()?
>Date: 12 Jan 2003 16:49:29 +0100
>
>
>
>Hi all,
>I'm the Debian package maintainer for Squid (HTTP Proxy). I received the
>forwarded bug report describing issues in seteuid() on palinux. While
>using seteuid(), forked processes terminate with SEGV.
>
>Is it a known problem?
>
>Thanks.
>
>L
>
>Please CC: me, I'm not subscribed to this list.
>
>-----Forwarded Message-----
>> This small mail to mentionned that I reach to make squid operational on
>> a linux-2.4.20-pa17 thanks to the following tips:
>> 
>> in debian rules replace statement
>>     ac_cv_func_setresuid=no \
>> by
>>     ac_cv_func_setresuid=yes \
>> 
>> so that function leave_suid() [into src/tools.c] will use setresuid()
in
>> place of seteuid() before launch fork().
>> 
>> Is it a know problem on palinux?
>> 
>> Greetings,
>>     Joel
>> 
>> PS: Luigi, I also test it on 2.5.1 and it works also for parisc linux
(testing
>> config). HTH
>
>-- 
> Luigi Gangitano -- <luigi@debian.org> -- <gangitano@lugroma3.org>
> GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972  C24A F19B A618 924C 0C26
>
>Attachment: signature.asc
>


*********************************************
Vous surfez toujours avec une ligne classique ?
Faites des economies avec Tiscali Complete...
Plus d'info sur ... http://complete.tiscali.be