diff options
-rw-r--r-- | lib/uid_wrapper/uid_wrapper.c | 15 | ||||
-rw-r--r-- | lib/uid_wrapper/uid_wrapper.h | 42 | ||||
-rw-r--r-- | lib/uid_wrapper/wscript_build | 2 | ||||
-rw-r--r-- | lib/util/setid.c | 182 | ||||
-rw-r--r-- | lib/util/setid.h | 43 | ||||
-rw-r--r-- | lib/util/unix_privs.c | 5 | ||||
-rwxr-xr-x | lib/util/wscript_build | 7 | ||||
-rw-r--r-- | source3/Makefile.in | 6 | ||||
-rw-r--r-- | source3/include/includes.h | 3 | ||||
-rw-r--r-- | source3/lib/system.c | 9 | ||||
-rw-r--r-- | source3/lib/system_smbd.c | 3 | ||||
-rw-r--r-- | source3/lib/util_sec.c | 127 | ||||
-rw-r--r-- | source3/smbd/sec_ctx.c | 3 | ||||
-rw-r--r-- | source3/web/cgi.c | 5 | ||||
-rw-r--r-- | source4/include/includes.h | 3 | ||||
-rw-r--r-- | source4/ntvfs/unixuid/vfs_unixuid.c | 11 | ||||
-rw-r--r-- | testsuite/smbd/sec_ctx1.c | 4 | ||||
-rw-r--r-- | testsuite/smbd/sec_ctx_nonroot.c | 4 |
18 files changed, 362 insertions, 112 deletions
diff --git a/lib/uid_wrapper/uid_wrapper.c b/lib/uid_wrapper/uid_wrapper.c index 898d1afbb9..7a85a9563a 100644 --- a/lib/uid_wrapper/uid_wrapper.c +++ b/lib/uid_wrapper/uid_wrapper.c @@ -22,6 +22,7 @@ #include "replace.h" #include "system/passwd.h" #include <talloc.h> +#include "../lib/util/setid.h" #else /* _SAMBA_BUILD_ */ @@ -72,7 +73,7 @@ _PUBLIC_ int uwrap_seteuid(uid_t euid) { uwrap_init(); if (!uwrap.enabled) { - return seteuid(euid); + return samba_seteuid(euid); } /* assume for now that the ruid stays as root */ if (euid == 0) { @@ -89,7 +90,7 @@ _PUBLIC_ int uwrap_setreuid(uid_t ruid, uid_t euid) { uwrap_init(); if (!uwrap.enabled) { - return setreuid(ruid, euid); + return samba_setreuid(ruid, euid); } /* assume for now that the ruid stays as root */ if (euid == 0) { @@ -106,7 +107,7 @@ _PUBLIC_ int uwrap_setresuid(uid_t ruid, uid_t euid, uid_t suid) { uwrap_init(); if (!uwrap.enabled) { - return setresuid(ruid, euid, suid); + return samba_setresuid(ruid, euid, suid); } /* assume for now that the ruid stays as root */ if (euid == 0) { @@ -132,7 +133,7 @@ _PUBLIC_ int uwrap_setegid(gid_t egid) { uwrap_init(); if (!uwrap.enabled) { - return setegid(egid); + return samba_setegid(egid); } /* assume for now that the ruid stays as root */ if (egid == 0) { @@ -149,7 +150,7 @@ _PUBLIC_ int uwrap_setregid(gid_t rgid, gid_t egid) { uwrap_init(); if (!uwrap.enabled) { - return setregid(rgid, egid); + return samba_setregid(rgid, egid); } /* assume for now that the ruid stays as root */ if (egid == 0) { @@ -166,7 +167,7 @@ _PUBLIC_ int uwrap_setresgid(gid_t rgid, gid_t egid, gid_t sgid) { uwrap_init(); if (!uwrap.enabled) { - return setresgid(rgid, egid, sgid); + return samba_setresgid(rgid, egid, sgid); } /* assume for now that the ruid stays as root */ if (egid == 0) { @@ -191,7 +192,7 @@ _PUBLIC_ int uwrap_setgroups(size_t size, const gid_t *list) { uwrap_init(); if (!uwrap.enabled) { - return setgroups(size, list); + return samba_setgroups(size, list); } talloc_free(uwrap.groups); diff --git a/lib/uid_wrapper/uid_wrapper.h b/lib/uid_wrapper/uid_wrapper.h index c59749379a..21d0795d41 100644 --- a/lib/uid_wrapper/uid_wrapper.h +++ b/lib/uid_wrapper/uid_wrapper.h @@ -36,35 +36,35 @@ gid_t uwrap_getgid(void); #ifdef UID_WRAPPER_REPLACE -#ifdef seteuid -#undef seteuid +#ifdef samba_seteuid +#undef samba_seteuid #endif -#define seteuid uwrap_seteuid +#define samba_seteuid uwrap_seteuid -#ifdef setreuid -#undef setreuid +#ifdef samba_setreuid +#undef samba_setreuid #endif -#define setreuid uwrap_setreuid +#define samba_setreuid uwrap_setreuid -#ifdef setresuid -#undef setresuid +#ifdef samba_setresuid +#undef samba_setresuid #endif -#define setresuid uwrap_setresuid +#define samba_setresuid uwrap_setresuid -#ifdef setegid -#undef setegid +#ifdef samba_setegid +#undef samba_setegid #endif -#define setegid uwrap_setegid +#define samba_setegid uwrap_setegid -#ifdef setregid -#undef setregid +#ifdef samba_setregid +#undef samba_setregid #endif -#define setregid uwrap_setregid +#define samba_setregid uwrap_setregid -#ifdef setresgid -#undef setresgid +#ifdef samba_setresgid +#undef samba_setresgid #endif -#define setresgid uwrap_setresgid +#define samba_setresgid uwrap_setresgid #ifdef geteuid #undef geteuid @@ -76,10 +76,10 @@ gid_t uwrap_getgid(void); #endif #define getegid uwrap_getegid -#ifdef setgroups -#undef setgroups +#ifdef samba_setgroups +#undef samba_setgroups #endif -#define setgroups uwrap_setgroups +#define samba_setgroups uwrap_setgroups #ifdef getgroups #undef getgroups diff --git a/lib/uid_wrapper/wscript_build b/lib/uid_wrapper/wscript_build index 54e5b80f43..76d4b17fce 100644 --- a/lib/uid_wrapper/wscript_build +++ b/lib/uid_wrapper/wscript_build @@ -3,7 +3,7 @@ bld.SAMBA_LIBRARY('uid_wrapper', source='uid_wrapper.c', - deps='talloc', + deps='talloc util_setid', private_library=True, enabled=bld.CONFIG_SET("UID_WRAPPER"), ) diff --git a/lib/util/setid.c b/lib/util/setid.c new file mode 100644 index 0000000000..8b2efc076f --- /dev/null +++ b/lib/util/setid.c @@ -0,0 +1,182 @@ +/* + Unix SMB/CIFS implementation. + setXXid() functions for Samba. + Copyright (C) Jeremy Allison 2012 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#ifndef AUTOCONF_TEST +#include "replace.h" +#include "system/passwd.h" +#include "include/includes.h" + +#ifdef UID_WRAPPER_REPLACE + +#ifdef samba_seteuid +#undef samba_seteuid +#endif + +#ifdef samba_setreuid +#undef samba_setreuid +#endif + +#ifdef samba_setresuid +#undef samba_setresuid +#endif + +#ifdef samba_setegid +#undef samba_setegid +#endif + +#ifdef samba_setregid +#undef samba_setregid +#endif + +#ifdef samba_setresgid +#undef samba_setresgid +#endif + +#ifdef samba_setgroups +#undef samba_setgroups +#endif + +/* uid_wrapper will have redefined these. */ +int samba_setresuid(uid_t ruid, uid_t euid, uid_t suid); +int samba_setresgid(gid_t rgid, gid_t egid, gid_t sgid); +int samba_setreuid(uid_t ruid, uid_t euid); +int samba_setregid(gid_t rgid, gid_t egid); +int samba_seteuid(uid_t euid); +int samba_setegid(gid_t egid); +int samba_setuid(uid_t uid); +int samba_setgid(gid_t gid); +int samba_setuidx(int flags, uid_t uid); +int samba_setgidx(int flags, gid_t gid); +int samba_setgroups(size_t setlen, const gid_t *gidset); + +#endif +#endif + +#include "../lib/util/setid.h" + +/* All the setXX[ug]id functions and setgroups Samba uses. */ +int samba_setresuid(uid_t ruid, uid_t euid, uid_t suid) +{ +#if defined(HAVE_SETRESUID) + return setresuid(ruid, euid, suid); +#else + errno = ENOSYS; + return -1; +#endif +} + +int samba_setresgid(gid_t rgid, gid_t egid, gid_t sgid) +{ +#if defined(HAVE_SETRESGID) + return setresgid(rgid, egid, sgid); +#else + errno = ENOSYS; + return -1; +#endif +} + +int samba_setreuid(uid_t ruid, uid_t euid) +{ +#if defined(HAVE_SETREUID) + return setreuid(ruid, euid); +#else + errno = ENOSYS; + return -1; +#endif +} + +int samba_setregid(gid_t rgid, gid_t egid) +{ +#if defined(HAVE_SETREGID) + return setregid(rgid, egid); +#else + errno = ENOSYS; + return -1; +#endif +} + +int samba_seteuid(uid_t euid) +{ +#if defined(HAVE_SETEUID) + return seteuid(euid); +#else + errno = ENOSYS; + return -1; +#endif +} + +int samba_setegid(gid_t egid) +{ +#if defined(HAVE_SETEGID) + return setegid(egid); +#else + errno = ENOSYS; + return -1; +#endif +} + +int samba_setuid(uid_t uid) +{ +#if defined(HAVE_SETUID) + return setuid(uid); +#else + errno = ENOSYS; + return -1; +#endif +} + +int samba_setgid(gid_t gid) +{ +#if defined(HAVE_SETGID) + return setgid(gid); +#else + errno = ENOSYS; + return -1; +#endif +} + +int samba_setuidx(int flags, uid_t uid) +{ +#if defined(HAVE_SETUIDX) + return setuidx(flags, uid); +#else + errno = ENOSYS; + return -1; +#endif +} + +int samba_setgidx(int flags, gid_t gid) +{ +#if defined(HAVE_SETGIDX) + return setgidx(flags, gid); +#else + errno = ENOSYS; + return -1; +#endif +} + +int samba_setgroups(size_t setlen, const gid_t *gidset) +{ +#if defined(HAVE_SETGROUPS) + return setgroups(setlen, gidset); +#else + errno = ENOSYS; + return -1; +#endif +} diff --git a/lib/util/setid.h b/lib/util/setid.h new file mode 100644 index 0000000000..59ae44c4d2 --- /dev/null +++ b/lib/util/setid.h @@ -0,0 +1,43 @@ +/* + Unix SMB/CIFS implementation. + setXXid() functions for Samba. + Copyright (C) Jeremy Allison 2012 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#ifndef _SETID_H +#define _SETID_H + +/* + * NB. We don't wrap initgroups although on some systems + * this can call setgroups. On systems with thread-specific + * credentials (Linux so far) we know they have getgrouplist() + * which doesn't make a system call. + */ + +/* All the setXX[ug]id functions and setgroups Samba uses. */ +int samba_setresuid(uid_t ruid, uid_t euid, uid_t suid); +int samba_setresgid(gid_t rgid, gid_t egid, gid_t sgid); +int samba_setreuid(uid_t ruid, uid_t euid); +int samba_setregid(gid_t rgid, gid_t egid); +int samba_seteuid(uid_t euid); +int samba_setegid(gid_t egid); +int samba_setuid(uid_t uid); +int samba_setgid(gid_t gid); +int samba_setuidx(int flags, uid_t uid); +int samba_setgidx(int flags, gid_t gid); +int samba_setgroups(size_t setlen, const gid_t *gidset); + +#endif diff --git a/lib/util/unix_privs.c b/lib/util/unix_privs.c index baa54fd558..3dd244dad1 100644 --- a/lib/util/unix_privs.c +++ b/lib/util/unix_privs.c @@ -22,6 +22,7 @@ #include "includes.h" #include "system/passwd.h" #include "../lib/util/unix_privs.h" +#include "../lib/util/setid.h" /** * @file @@ -52,7 +53,7 @@ struct saved_state { static int privileges_destructor(struct saved_state *s) { if (geteuid() != s->uid && - seteuid(s->uid) != 0) { + samba_seteuid(s->uid) != 0) { smb_panic("Failed to restore privileges"); } return 0; @@ -71,7 +72,7 @@ void *root_privileges(void) if (!s) return NULL; s->uid = geteuid(); if (s->uid != 0) { - seteuid(0); + samba_seteuid(0); } talloc_set_destructor(s, privileges_destructor); return s; diff --git a/lib/util/wscript_build b/lib/util/wscript_build index 82943a08f2..e601ecd4ed 100755 --- a/lib/util/wscript_build +++ b/lib/util/wscript_build @@ -9,7 +9,7 @@ bld.SAMBA_LIBRARY('samba-util', util_str.c util_str_common.c substitute.c ms_fnmatch.c server_id.c dprintf.c parmlist.c bitmap.c''', deps='DYNCONFIG', - public_deps='talloc execinfo uid_wrapper pthread LIBCRYPTO charset', + public_deps='talloc execinfo uid_wrapper pthread LIBCRYPTO charset util_setid', public_headers='debug.h attr.h byteorder.h data_blob.h memory.h safe_string.h time.h talloc_stack.h xfile.h dlinklist.h samba_util.h string_wrappers.h', header_path= [ ('dlinklist.h samba_util.h', '.'), ('*', 'util') ], local_include=False, @@ -62,6 +62,11 @@ bld.SAMBA_LIBRARY('tevent-util', vnum='0.0.1' ) +bld.SAMBA_LIBRARY('util_setid', + source='setid.c', + local_include=False, + private_library=True + ) bld.SAMBA_SUBSYSTEM('util_ldb', source='util_ldb.c', diff --git a/source3/Makefile.in b/source3/Makefile.in index 41f668358b..d9c4df3310 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -433,7 +433,8 @@ UTIL_OBJ = ../lib/util/rbtree.o ../lib/util/signal.o ../lib/util/time.o \ lib/tevent_barrier.o \ ../lib/util/smb_threads.o ../lib/util/util_id.o \ ../lib/util/blocking.o ../lib/util/rfc1738.o \ - ../lib/util/select.o ../lib/util/util_pw.o ../lib/util/server_id.o + ../lib/util/select.o ../lib/util/util_pw.o ../lib/util/server_id.o \ + ../lib/util/setid.o CRYPTO_OBJ = ../lib/crypto/crc32.o @CRYPTO_MD5_OBJ@ \ ../lib/crypto/hmacmd5.o ../lib/crypto/arcfour.o \ @@ -1319,7 +1320,7 @@ LOCKTEST_OBJ = torture/locktest.o $(PARAM_OBJ) $(LOCKING_OBJ) $(KRBCLIENT_OBJ) \ $(LIBSMB_OBJ) $(LIB_NONSMBD_OBJ) \ $(LIBMSRPC_OBJ) $(LIBMSRPC_GEN_OBJ) $(FNAME_UTIL_OBJ) -NSSTEST_OBJ = ../nsswitch/nsstest.o $(LIBSAMBAUTIL_OBJ) +NSSTEST_OBJ = ../nsswitch/nsstest.o ../lib/util/setid.o $(LIBSAMBAUTIL_OBJ) PDBTEST_OBJ = torture/pdbtest.o $(PARAM_OBJ) $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \ $(LIB_NONSMBD_OBJ) $(PASSDB_OBJ) $(GROUPDB_OBJ) \ @@ -1602,6 +1603,7 @@ VLP_OBJ = printing/tests/vlp.o \ ../lib/util/util_str_common.o \ ../lib/util/data_blob.o \ ../dynconfig/dynconfig.o \ + ../lib/util/setid.o \ $(LIBSAMBAUTIL_OBJ) \ param/util.o diff --git a/source3/include/includes.h b/source3/include/includes.h index cb60dd2152..d621b7e4c0 100644 --- a/source3/include/includes.h +++ b/source3/include/includes.h @@ -412,6 +412,9 @@ typedef char fstring[FSTRING_LEN]; #include "../lib/util/smb_threads.h" #include "../lib/util/smb_threads_internal.h" +/* samba_setXXid functions. */ +#include "../lib/util/setid.h" + /***** prototypes *****/ #ifndef NO_PROTO_H #include "proto.h" diff --git a/source3/lib/system.c b/source3/lib/system.c index 3daa041a27..fe8aec317d 100644 --- a/source3/lib/system.c +++ b/source3/lib/system.c @@ -25,6 +25,7 @@ #include "system/capability.h" #include "system/passwd.h" #include "system/filesys.h" +#include "../lib/util/setid.h" #ifdef HAVE_SYS_SYSCTL_H #include <sys/sysctl.h> @@ -956,7 +957,7 @@ static int sys_broken_setgroups(int setlen, gid_t *gidset) for(i = 0; i < setlen; i++) group_list[i] = (GID_T) gidset[i]; - if(setgroups(setlen, group_list) != 0) { + if(samba_setgroups(setlen, group_list) != 0) { int saved_errno = errno; SAFE_FREE(group_list); errno = saved_errno; @@ -993,7 +994,7 @@ static int sys_bsd_setgroups(gid_t primary_gid, int setlen, const gid_t *gidset) /* No group list, just make sure we are setting the efective GID. */ if (setlen == 0) { - return setgroups(1, &primary_gid); + return samba_setgroups(1, &primary_gid); } /* If the primary gid is not the first array element, grow the array @@ -1019,7 +1020,7 @@ static int sys_bsd_setgroups(gid_t primary_gid, int setlen, const gid_t *gidset) #if defined(HAVE_BROKEN_GETGROUPS) ret = sys_broken_setgroups(setlen, new_gidset ? new_gidset : gidset); #else - ret = setgroups(setlen, new_gidset ? new_gidset : gidset); + ret = samba_setgroups(setlen, new_gidset ? new_gidset : gidset); #endif if (new_gidset) { @@ -1062,7 +1063,7 @@ int sys_setgroups(gid_t UNUSED(primary_gid), int setlen, gid_t *gidset) #elif defined(HAVE_BROKEN_GETGROUPS) return sys_broken_setgroups(setlen, gidset); #else - return setgroups(setlen, gidset); + return samba_setgroups(setlen, gidset); #endif } diff --git a/source3/lib/system_smbd.c b/source3/lib/system_smbd.c index 634f88ea9c..10d7f38d52 100644 --- a/source3/lib/system_smbd.c +++ b/source3/lib/system_smbd.c @@ -26,6 +26,7 @@ #include "includes.h" #include "system/passwd.h" #include "nsswitch/winbind_client.h" +#include "../lib/util/setid.h" #ifndef HAVE_GETGROUPLIST @@ -130,7 +131,7 @@ static int getgrouplist_internals(const char *user, gid_t gid, gid_t *groups, return from getgroups() */ save_re_gid(); set_effective_gid(gid); - setgid(gid); + samba_setgid(gid); num_gids = getgroups(0, NULL); if (num_gids == -1) { diff --git a/source3/lib/util_sec.c b/source3/lib/util_sec.c index 60ea214d26..bbb75dbbd4 100644 --- a/source3/lib/util_sec.c +++ b/source3/lib/util_sec.c @@ -20,6 +20,8 @@ #ifndef AUTOCONF_TEST #include "includes.h" #include "system/passwd.h" /* uid_wrapper */ +#include "../lib/util/setid.h" + #else /* we are running this code in autoconf test mode to see which type of setuid function works */ @@ -38,6 +40,9 @@ #include <sys/id.h> #endif +/* In autoconf/test mode include the definitions of samba_setXXX. */ +#include "../lib/util/setid.c" + #define DEBUG(x, y) printf y #define smb_panic(x) exit(1) #define bool int @@ -130,24 +135,24 @@ static void assert_gid(gid_t rgid, gid_t egid) void gain_root_privilege(void) { #if USE_SETRESUID - setresuid(0,0,0); + samba_setresuid(0,0,0); #endif #if USE_SETEUID - seteuid(0); + samba_seteuid(0); #endif #if USE_SETREUID - setreuid(0, 0); + samba_setreuid(0, 0); #endif #if USE_SETUIDX - setuidx(ID_EFFECTIVE, 0); - setuidx(ID_REAL, 0); + samba_setuidx(ID_EFFECTIVE, 0); + samba_setuidx(ID_REAL, 0); #endif /* this is needed on some systems */ - setuid(0); + samba_setuid(0); assert_uid(0, 0); } @@ -160,23 +165,23 @@ void gain_root_privilege(void) void gain_root_group_privilege(void) { #if USE_SETRESUID - setresgid(0,0,0); + samba_setresgid(0,0,0); #endif #if USE_SETREUID - setregid(0,0); + samba_setregid(0,0); #endif #if USE_SETEUID - setegid(0); + samba_setegid(0); #endif #if USE_SETUIDX - setgidx(ID_EFFECTIVE, 0); - setgidx(ID_REAL, 0); + samba_setgidx(ID_EFFECTIVE, 0); + samba_setgidx(ID_REAL, 0); #endif - setgid(0); + samba_setgid(0); assert_gid(0, 0); } @@ -198,9 +203,9 @@ void set_effective_uid(uid_t uid) { #if USE_SETRESUID /* Set the effective as well as the real uid. */ - if (setresuid(uid,uid,-1) == -1) { + if (samba_setresuid(uid,uid,-1) == -1) { if (errno == EAGAIN) { - DEBUG(0, ("setresuid failed with EAGAIN. uid(%d) " + DEBUG(0, ("samba_setresuid failed with EAGAIN. uid(%d) " "might be over its NPROC limit\n", (int)uid)); } @@ -208,15 +213,15 @@ void set_effective_uid(uid_t uid) #endif #if USE_SETREUID - setreuid(-1,uid); + samba_setreuid(-1,uid); #endif #if USE_SETEUID - seteuid(uid); + samba_seteuid(uid); #endif #if USE_SETUIDX - setuidx(ID_EFFECTIVE, uid); + samba_setuidx(ID_EFFECTIVE, uid); #endif assert_uid(-1, uid); @@ -229,19 +234,19 @@ void set_effective_uid(uid_t uid) void set_effective_gid(gid_t gid) { #if USE_SETRESUID - setresgid(-1,gid,-1); + samba_setresgid(-1,gid,-1); #endif #if USE_SETREUID - setregid(-1,gid); + samba_setregid(-1,gid); #endif #if USE_SETEUID - setegid(gid); + samba_setegid(gid); #endif #if USE_SETUIDX - setgidx(ID_EFFECTIVE, gid); + samba_setgidx(ID_EFFECTIVE, gid); #endif assert_gid(-1, gid); @@ -268,17 +273,17 @@ void save_re_uid(void) void restore_re_uid_fromroot(void) { #if USE_SETRESUID - setresuid(saved_ruid, saved_euid, -1); + samba_setresuid(saved_ruid, saved_euid, -1); #elif USE_SETREUID - setreuid(saved_ruid, -1); - setreuid(-1,saved_euid); + samba_setreuid(saved_ruid, -1); + samba_setreuid(-1,saved_euid); #elif USE_SETUIDX - setuidx(ID_REAL, saved_ruid); - setuidx(ID_EFFECTIVE, saved_euid); + samba_setuidx(ID_REAL, saved_ruid); + samba_setuidx(ID_EFFECTIVE, saved_euid); #else set_effective_uid(saved_euid); if (getuid() != saved_ruid) - setuid(saved_ruid); + samba_setuid(saved_ruid); set_effective_uid(saved_euid); #endif @@ -307,17 +312,17 @@ void save_re_gid(void) void restore_re_gid(void) { #if USE_SETRESUID - setresgid(saved_rgid, saved_egid, -1); + samba_setresgid(saved_rgid, saved_egid, -1); #elif USE_SETREUID - setregid(saved_rgid, -1); - setregid(-1,saved_egid); + samba_setregid(saved_rgid, -1); + samba_setregid(-1,saved_egid); #elif USE_SETUIDX - setgidx(ID_REAL, saved_rgid); - setgidx(ID_EFFECTIVE, saved_egid); + samba_setgidx(ID_REAL, saved_rgid); + samba_setgidx(ID_EFFECTIVE, saved_egid); #else set_effective_gid(saved_egid); if (getgid() != saved_rgid) - setgid(saved_rgid); + samba_setgid(saved_rgid); set_effective_gid(saved_egid); #endif @@ -335,13 +340,13 @@ int set_re_uid(void) uid_t uid = geteuid(); #if USE_SETRESUID - setresuid(geteuid(), -1, -1); + samba_setresuid(geteuid(), -1, -1); #endif #if USE_SETREUID - setreuid(0, 0); - setreuid(uid, -1); - setreuid(-1, uid); + samba_setreuid(0, 0); + samba_setreuid(uid, -1); + samba_setreuid(-1, uid); #endif #if USE_SETEUID @@ -374,34 +379,34 @@ void become_user_permanently(uid_t uid, gid_t gid) gain_root_group_privilege(); #if USE_SETRESUID - setresgid(gid,gid,gid); - setgid(gid); - setresuid(uid,uid,uid); - setuid(uid); + samba_setresgid(gid,gid,gid); + samba_setgid(gid); + samba_setresuid(uid,uid,uid); + samba_setuid(uid); #endif #if USE_SETREUID - setregid(gid,gid); - setgid(gid); - setreuid(uid,uid); - setuid(uid); + samba_setregid(gid,gid); + samba_setgid(gid); + samba_setreuid(uid,uid); + samba_setuid(uid); #endif #if USE_SETEUID - setegid(gid); - setgid(gid); - setuid(uid); - seteuid(uid); - setuid(uid); + samba_setegid(gid); + samba_setgid(gid); + samba_setuid(uid); + samba_seteuid(uid); + samba_setuid(uid); #endif #if USE_SETUIDX - setgidx(ID_REAL, gid); - setgidx(ID_EFFECTIVE, gid); - setgid(gid); - setuidx(ID_REAL, uid); - setuidx(ID_EFFECTIVE, uid); - setuid(uid); + samba_setgidx(ID_REAL, gid); + samba_setgidx(ID_EFFECTIVE, gid); + samba_setgid(gid); + samba_setuidx(ID_REAL, uid); + samba_setuidx(ID_EFFECTIVE, uid); + samba_setuid(uid); #endif assert_uid(uid, uid); @@ -418,19 +423,19 @@ static int have_syscall(void) errno = 0; #if USE_SETRESUID - setresuid(-1,-1,-1); + samba_setresuid(-1,-1,-1); #endif #if USE_SETREUID - setreuid(-1,-1); + samba_setreuid(-1,-1); #endif #if USE_SETEUID - seteuid(-1); + samba_seteuid(-1); #endif #if USE_SETUIDX - setuidx(ID_EFFECTIVE, -1); + samba_setuidx(ID_EFFECTIVE, -1); #endif if (errno == ENOSYS) return -1; @@ -462,7 +467,7 @@ main() gain_root_privilege(); gain_root_group_privilege(); become_user_permanently(1, 1); - setuid(0); + samba_setuid(0); if (getuid() == 0) { fprintf(stderr,"uid not set permanently\n"); exit(1); diff --git a/source3/smbd/sec_ctx.c b/source3/smbd/sec_ctx.c index d83dbd0cb6..d73dcf422e 100644 --- a/source3/smbd/sec_ctx.c +++ b/source3/smbd/sec_ctx.c @@ -24,6 +24,7 @@ #include "libcli/security/security_token.h" #include "auth.h" #include "smbprofile.h" +#include "../lib/util/setid.h" extern struct current_user current_user; @@ -151,7 +152,7 @@ static int get_current_groups(gid_t gid, uint32_t *p_ngroups, gid_t **p_groups) returned from getgroups() (tridge) */ save_re_gid(); set_effective_gid(gid); - setgid(gid); + samba_setgid(gid); ngroups = sys_getgroups(0,&grp); if (ngroups <= 0) { diff --git a/source3/web/cgi.c b/source3/web/cgi.c index b861b2d780..b97ed2578c 100644 --- a/source3/web/cgi.c +++ b/source3/web/cgi.c @@ -24,6 +24,7 @@ #include "intl/lang_tdb.h" #include "auth.h" #include "secrets.h" +#include "../lib/util/setid.h" #define MAX_VARIABLES 10000 @@ -328,7 +329,7 @@ static void cgi_web_auth(void) C_user = SMB_STRDUP(user); - if (!setuid(0)) { + if (!samba_setuid(0)) { C_pass = secrets_fetch_generic("root", "SWAT"); if (C_pass == NULL) { char *tmp_pass = NULL; @@ -344,7 +345,7 @@ static void cgi_web_auth(void) TALLOC_FREE(tmp_pass); } } - setuid(pwd->pw_uid); + samba_setuid(pwd->pw_uid); if (geteuid() != pwd->pw_uid || getuid() != pwd->pw_uid) { printf("%sFailed to become user %s - uid=%d/%d<br>%s\n", head, user, (int)geteuid(), (int)getuid(), tail); diff --git a/source4/include/includes.h b/source4/include/includes.h index e60bf9035d..46b158ec08 100644 --- a/source4/include/includes.h +++ b/source4/include/includes.h @@ -69,4 +69,7 @@ #include "../lib/util/smb_threads.h" #include "../lib/util/smb_threads_internal.h" +/* samba_setXXid functions. */ +#include "../lib/util/setid.h" + #endif /* _INCLUDES_H */ diff --git a/source4/ntvfs/unixuid/vfs_unixuid.c b/source4/ntvfs/unixuid/vfs_unixuid.c index c98d3867c9..b6da79064b 100644 --- a/source4/ntvfs/unixuid/vfs_unixuid.c +++ b/source4/ntvfs/unixuid/vfs_unixuid.c @@ -28,6 +28,7 @@ #include "libcli/wbclient/wbclient.h" #define TEVENT_DEPRECATED #include <tevent.h> +#include "../lib/util/setid.h" NTSTATUS ntvfs_unixuid_init(void); @@ -73,15 +74,15 @@ static struct security_unix_token *save_unix_security(TALLOC_CTX *mem_ctx) */ static NTSTATUS set_unix_security(struct security_unix_token *sec) { - seteuid(0); + samba_seteuid(0); - if (setgroups(sec->ngroups, sec->groups) != 0) { + if (samba_setgroups(sec->ngroups, sec->groups) != 0) { return NT_STATUS_ACCESS_DENIED; } - if (setegid(sec->gid) != 0) { + if (samba_setegid(sec->gid) != 0) { return NT_STATUS_ACCESS_DENIED; } - if (seteuid(sec->uid) != 0) { + if (samba_seteuid(sec->uid) != 0) { return NT_STATUS_ACCESS_DENIED; } return NT_STATUS_OK; @@ -115,7 +116,7 @@ static int unixuid_event_nesting_hook(struct tevent_context *ev, return -1; } *(struct security_unix_token **)stack_ptr = sec_ctx; - if (seteuid(0) != 0 || setegid(0) != 0) { + if (samba_seteuid(0) != 0 || samba_setegid(0) != 0) { DEBUG(0,("%s: Failed to change to root\n", location)); return -1; } diff --git a/testsuite/smbd/sec_ctx1.c b/testsuite/smbd/sec_ctx1.c index a6e61d1a32..ab85ae16e5 100644 --- a/testsuite/smbd/sec_ctx1.c +++ b/testsuite/smbd/sec_ctx1.c @@ -26,8 +26,8 @@ int main (int argc, char **argv) { /* Become a non-root user */ - setuid(1); - setgid(1); + samba_setuid(1); + samba_setgid(1); /* Try to push a security context. This should fail with a smb_assert() error. */ diff --git a/testsuite/smbd/sec_ctx_nonroot.c b/testsuite/smbd/sec_ctx_nonroot.c index b31aeb0906..6d4dbf3443 100644 --- a/testsuite/smbd/sec_ctx_nonroot.c +++ b/testsuite/smbd/sec_ctx_nonroot.c @@ -27,8 +27,8 @@ int main (int argc, char **argv) /* Become a non-root user */ - setuid(1); - setgid(1); + samba_setuid(1); + samba_setgid(1); /* Try to push a security context. This should fail with a smb_assert() error. */ |