When running set[ug]id, don't check the environment.

Idea from OpenBSD, but made a bit more generic to handle uncivilized lands
that do not define issetugid.

svn:r1530

diff --git a/ChangeLog b/ChangeLog
index d369e524e37a6f43e4beda13eca268c1005dfa32..4798c6089c96209910291259cbb23d1e44297900 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -44,7 +44,8 @@ Changes in 2.0.3-alpha:
  o Make EV_PERSIST timeouts more accurate: schedule the next event based on the scheduled time of the previous event, not based on the current time.
  o Allow http.c to handle cases where getaddrinfo returns an IPv6 address.  Patch from Ryan Phillips.
  o Fix a problem with excessive memory allocation when using multiple event priorities.
- o Default to using arc4random for DNS transaction IDs on systems that have it.
+ o Default to using arc4random for DNS transaction IDs on systems that have it; from OpenBSD.
+ o Never check the environment when we're running setuid or setgid; from OpenBSD.
 
 
 Changes in 2.0.2-alpha:

diff --git a/configure.in b/configure.in
index 9e45bbf822a9e430e0f525eed68c18393f322cc3..6f826f43a1d4a29127a36fc158887757dcb047af 100644 (file)
--- a/configure.in
+++ b/configure.in
@@ -176,7 +176,7 @@ AC_C_INLINE
 AC_HEADER_TIME
 
 dnl Checks for library functions.
-AC_CHECK_FUNCS(gettimeofday vasprintf fcntl clock_gettime strtok_r strsep getaddrinfo getnameinfo strlcpy inet_ntop inet_pton signal sigaction strtoll inet_aton pipe eventfd sendfile mmap splice arc4random)
+AC_CHECK_FUNCS(gettimeofday vasprintf fcntl clock_gettime strtok_r strsep getaddrinfo getnameinfo strlcpy inet_ntop inet_pton signal sigaction strtoll inet_aton pipe eventfd sendfile mmap splice arc4random issetugid geteuid getegid)
 
 AC_CHECK_SIZEOF(long)
 

diff --git a/event.c b/event.c
index ec91f8e9b1beb7d3e1eb1dbb598ab0aaf966974e..bbd6b73c69df1f9129b603b7330ffd1f8fbdf9f6 100644 (file)
--- a/event.c
+++ b/event.c
@@ -242,7 +242,7 @@ event_is_method_disabled(const char *name)
        evutil_snprintf(environment, sizeof(environment), "EVENT_NO%s", name);
        for (i = 8; environment[i] != '\0'; ++i)
                environment[i] = toupper(environment[i]);
-       return (getenv(environment) != NULL);
+       return (evutil_getenv(environment) != NULL);
 }
 
 int
@@ -334,7 +334,7 @@ event_base_new_with_config(struct event_config *cfg)
                return NULL;
        }
 
-       if (getenv("EVENT_SHOW_METHOD"))
+       if (evutil_getenv("EVENT_SHOW_METHOD"))
                event_msgx("libevent using: %s", base->evsel->name);
 
        /* allocate a single active event queue */

diff --git a/evutil.c b/evutil.c
index 5a57c288cd281a4695376af6d147074a318cb6bf..072b22b4368804466e053e919a41c66654c0b04c 100644 (file)
--- a/evutil.c
+++ b/evutil.c
@@ -952,3 +952,31 @@ int evutil_ascii_strncasecmp(const char *s1, const char *s2, size_t n)
        }
        return 0;
 }
+
+static int
+evutil_issetugid(void)
+{
+#ifdef _EVENT_HAVE_ISSETUGID
+       return issetugid();
+#else
+
+#ifdef _EVENT_HAVE_GETEUID
+       if (getuid() != geteuid())
+               return 1;
+#endif
+#ifdef _EVENT_HAVE_GETEGID
+       if (getgid() != getegid())
+               return 1;
+#endif
+       return 0;
+#endif
+}
+
+const char *
+evutil_getenv(const char *varname)
+{
+       if (evutil_issetugid())
+               return NULL;
+
+       return getenv(varname);
+}

diff --git a/util-internal.h b/util-internal.h
index 3c243d6339a36fbe96bb2bf9cb55a9e12da2c71d..6f524d3a8f819f67bc5d9411e80e1c65d028fcfe 100644 (file)
--- a/util-internal.h
+++ b/util-internal.h
@@ -144,6 +144,8 @@ int evutil_socket_finished_connecting(evutil_socket_t fd);
 int evutil_resolve(int family, const char *hostname, struct sockaddr *sa,
     ev_socklen_t *socklen, int port);
 
+const char *evutil_getenv(const char *name);
+
 /* Evaluates to the same boolean value as 'p', and hints to the compiler that
  * we expect this value to be false. */
 #ifdef __GNUC__X