From 629a61339823cd65351c7aeb294b3337db06dccb Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Sun, 15 Nov 2009 18:59:59 +0000 Subject: [PATCH] When running set[ug]id, don't check the environment. Idea from OpenBSD, but made a bit more generic to handle uncivilized lands that do not define issetugid. svn:r1530 --- ChangeLog | 3 ++- configure.in | 2 +- event.c | 4 ++-- evutil.c | 28 ++++++++++++++++++++++++++++ util-internal.h | 2 ++ 5 files changed, 35 insertions(+), 4 deletions(-) diff --git a/ChangeLog b/ChangeLog index d369e524..4798c608 100644 --- a/ChangeLog +++ b/ChangeLog @@ -44,7 +44,8 @@ Changes in 2.0.3-alpha: o Make EV_PERSIST timeouts more accurate: schedule the next event based on the scheduled time of the previous event, not based on the current time. o Allow http.c to handle cases where getaddrinfo returns an IPv6 address. Patch from Ryan Phillips. o Fix a problem with excessive memory allocation when using multiple event priorities. - o Default to using arc4random for DNS transaction IDs on systems that have it. + o Default to using arc4random for DNS transaction IDs on systems that have it; from OpenBSD. + o Never check the environment when we're running setuid or setgid; from OpenBSD. Changes in 2.0.2-alpha: diff --git a/configure.in b/configure.in index 9e45bbf8..6f826f43 100644 --- a/configure.in +++ b/configure.in @@ -176,7 +176,7 @@ AC_C_INLINE AC_HEADER_TIME dnl Checks for library functions. -AC_CHECK_FUNCS(gettimeofday vasprintf fcntl clock_gettime strtok_r strsep getaddrinfo getnameinfo strlcpy inet_ntop inet_pton signal sigaction strtoll inet_aton pipe eventfd sendfile mmap splice arc4random) +AC_CHECK_FUNCS(gettimeofday vasprintf fcntl clock_gettime strtok_r strsep getaddrinfo getnameinfo strlcpy inet_ntop inet_pton signal sigaction strtoll inet_aton pipe eventfd sendfile mmap splice arc4random issetugid geteuid getegid) AC_CHECK_SIZEOF(long) diff --git a/event.c b/event.c index ec91f8e9..bbd6b73c 100644 --- a/event.c +++ b/event.c @@ -242,7 +242,7 @@ event_is_method_disabled(const char *name) evutil_snprintf(environment, sizeof(environment), "EVENT_NO%s", name); for (i = 8; environment[i] != '\0'; ++i) environment[i] = toupper(environment[i]); - return (getenv(environment) != NULL); + return (evutil_getenv(environment) != NULL); } int @@ -334,7 +334,7 @@ event_base_new_with_config(struct event_config *cfg) return NULL; } - if (getenv("EVENT_SHOW_METHOD")) + if (evutil_getenv("EVENT_SHOW_METHOD")) event_msgx("libevent using: %s", base->evsel->name); /* allocate a single active event queue */ diff --git a/evutil.c b/evutil.c index 5a57c288..072b22b4 100644 --- a/evutil.c +++ b/evutil.c @@ -952,3 +952,31 @@ int evutil_ascii_strncasecmp(const char *s1, const char *s2, size_t n) } return 0; } + +static int +evutil_issetugid(void) +{ +#ifdef _EVENT_HAVE_ISSETUGID + return issetugid(); +#else + +#ifdef _EVENT_HAVE_GETEUID + if (getuid() != geteuid()) + return 1; +#endif +#ifdef _EVENT_HAVE_GETEGID + if (getgid() != getegid()) + return 1; +#endif + return 0; +#endif +} + +const char * +evutil_getenv(const char *varname) +{ + if (evutil_issetugid()) + return NULL; + + return getenv(varname); +} diff --git a/util-internal.h b/util-internal.h index 3c243d63..6f524d3a 100644 --- a/util-internal.h +++ b/util-internal.h @@ -144,6 +144,8 @@ int evutil_socket_finished_connecting(evutil_socket_t fd); int evutil_resolve(int family, const char *hostname, struct sockaddr *sa, ev_socklen_t *socklen, int port); +const char *evutil_getenv(const char *name); + /* Evaluates to the same boolean value as 'p', and hints to the compiler that * we expect this value to be false. */ #ifdef __GNUC__X -- 2.40.0