shaba/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2024-11-06 16:59:03 +03:00
Code

journal: drop privileges when storing coredump

Browse Source
This commit is contained in:
Lennart Poettering 2012-01-14 03:37:32 +01:00
parent e6acda19b2
commit fee80f6956
1 changed files with 41 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

57
src/journal/coredump.c
View File

@ -45,6 +45,8 @@ int main(int argc, char* argv[]) {
char *p = NULL; char *p = NULL;
ssize_t n; ssize_t n;
pid_t pid; pid_t pid;
uid_t uid;
gid_t gid;
struct iovec iovec[14]; struct iovec iovec[14];
char *core_pid = NULL, *core_uid = NULL, *core_gid = NULL, *core_signal = NULL, char *core_pid = NULL, *core_uid = NULL, *core_gid = NULL, *core_signal = NULL,
*core_timestamp = NULL, *core_comm = NULL, *core_exe = NULL, *core_unit = NULL, *core_timestamp = NULL, *core_comm = NULL, *core_exe = NULL, *core_unit = NULL,
@ -63,31 +65,21 @@ int main(int argc, char* argv[]) {
r = parse_pid(argv[ARG_PID], &pid); r = parse_pid(argv[ARG_PID], &pid);
if (r < 0) { if (r < 0) {
log_error("Failed to parse PID."); log_error("Failed to parse PID.");
r = -EINVAL;
goto finish; goto finish;
} }
p = malloc(9 + COREDUMP_MAX); r = parse_uid(argv[ARG_UID], &uid);
if (!p) { if (r < 0) {
log_error("Out of memory"); log_error("Failed to parse UID.");
r = -ENOMEM;
goto finish; goto finish;
} }
memcpy(p, "COREDUMP=", 9); r = parse_gid(argv[ARG_GID], &gid);
if (r < 0) {
n = loop_read(STDIN_FILENO, p + 9, COREDUMP_MAX, false); log_error("Failed to parse GID.");
if (n < 0) {
log_error("Failed to read core dump data: %s", strerror(-n));
r = (int) n;
goto finish; goto finish;
} }
zero(iovec);
iovec[j].iov_base = p;
iovec[j].iov_len = 9 + n;
j++;
core_pid = strappend("COREDUMP_PID=", argv[ARG_PID]); core_pid = strappend("COREDUMP_PID=", argv[ARG_PID]);
if (core_pid) if (core_pid)
IOVEC_SET_STRING(iovec[j++], core_pid); IOVEC_SET_STRING(iovec[j++], core_pid);
@ -151,6 +143,39 @@ int main(int argc, char* argv[]) {
if (core_message) if (core_message)
IOVEC_SET_STRING(iovec[j++], core_message); IOVEC_SET_STRING(iovec[j++], core_message);
/* Now, let's drop privileges to become the user who owns the
* segfaulted process and allocate the coredump memory under
* his uid. This also ensures that the credentials journald
* will see are the ones of the coredumping user, thus making
* sure the user himself gets access to the core dump. */
if (setresgid(gid, gid, gid) < 0 ||
setresuid(uid, uid, uid) < 0) {
log_error("Failed to drop privileges: %m");
r = -errno;
goto finish;
}
p = malloc(9 + COREDUMP_MAX);
if (!p) {
log_error("Out of memory");
r = -ENOMEM;
goto finish;
}
memcpy(p, "COREDUMP=", 9);
n = loop_read(STDIN_FILENO, p + 9, COREDUMP_MAX, false);
if (n < 0) {
log_error("Failed to read core dump data: %s", strerror(-n));
r = (int) n;
goto finish;
}
iovec[j].iov_base = p;
iovec[j].iov_len = 9 + n;
j++;
r = sd_journal_sendv(iovec, j); r = sd_journal_sendv(iovec, j);
if (r < 0) if (r < 0)
log_error("Failed to send coredump: %s", strerror(-r)); log_error("Failed to send coredump: %s", strerror(-r));