![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to ufopen.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [MW Coherent from dump] / coherent / g / usr / lib / uucp / tay104 / unix|
Return to ufopen.c CVS log | Up to [MW Coherent from dump] / coherent / g / usr / lib / uucp / tay104 / unix |
1.1 ! root 1: /* ufopen.c ! 2: Open a file with the permissions of the invoking user. ! 3: ! 4: Copyright (C) 1992 Ian Lance Taylor ! 5: ! 6: This file is part of the Taylor UUCP package. ! 7: ! 8: This program is free software; you can redistribute it and/or ! 9: modify it under the terms of the GNU General Public License as ! 10: published by the Free Software Foundation; either version 2 of the ! 11: License, or (at your option) any later version. ! 12: ! 13: This program is distributed in the hope that it will be useful, but ! 14: WITHOUT ANY WARRANTY; without even the implied warranty of ! 15: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ! 16: General Public License for more details. ! 17: ! 18: You should have received a copy of the GNU General Public License ! 19: along with this program; if not, write to the Free Software ! 20: Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ! 21: ! 22: The author of the program may be contacted at [email protected] or ! 23: c/o Infinity Development Systems, P.O. Box 520, Waltham, MA 02254. ! 24: */ ! 25: ! 26: #include "uucp.h" ! 27: ! 28: #include "uudefs.h" ! 29: #include "sysdep.h" ! 30: #include "system.h" ! 31: ! 32: #include <errno.h> ! 33: ! 34: #if HAVE_FCNTL_H ! 35: #include <fcntl.h> ! 36: #else ! 37: #if HAVE_SYS_FILE_H ! 38: #include <sys/file.h> ! 39: #endif ! 40: #endif ! 41: ! 42: #ifndef O_RDONLY ! 43: #define O_RDONLY 0 ! 44: #define O_WRONLY 1 ! 45: #define O_RDWR 2 ! 46: #endif ! 47: ! 48: #ifndef O_NOCTTY ! 49: #define O_NOCTTY 0 ! 50: #endif ! 51: ! 52: #ifndef FD_CLOEXEC ! 53: #define FD_CLOEXEC 1 ! 54: #endif ! 55: ! 56: /* Local functions. */ ! 57: ! 58: static boolean fsuser_perms P((uid_t *pieuid)); ! 59: static boolean fsuucp_perms P((long ieuid)); ! 60: ! 61: /* Switch to permissions of the invoking user. */ ! 62: ! 63: static boolean ! 64: fsuser_perms (pieuid) ! 65: uid_t *pieuid; ! 66: { ! 67: uid_t ieuid, iuid; ! 68: ! 69: ieuid = geteuid (); ! 70: iuid = getuid (); ! 71: if (pieuid != NULL) ! 72: *pieuid = ieuid; ! 73: ! 74: #if HAVE_SETREUID ! 75: /* Swap the effective user id and the real user id. We can then ! 76: swap them back again when we want to return to the uucp user's ! 77: permissions. */ ! 78: if (setreuid (ieuid, iuid) < 0) ! 79: { ! 80: ulog (LOG_ERROR, "setreuid (%ld, %ld): %s", ! 81: (long) ieuid, (long) iuid, strerror (errno)); ! 82: return FALSE; ! 83: } ! 84: #else /* ! HAVE_SETREUID */ ! 85: #if HAVE_SAVED_SETUID ! 86: /* Set the effective user id to the real user id. Since the ! 87: effective user id is saved (it's the saved setuid) we will able ! 88: to set back to it later. If the real user id is root we will not ! 89: be able to switch back and forth, so don't even try. */ ! 90: if (iuid != 0) ! 91: { ! 92: if (setuid (iuid) < 0) ! 93: { ! 94: ulog (LOG_ERROR, "setuid (%ld): %s", (long) iuid, strerror (errno)); ! 95: return FALSE; ! 96: } ! 97: } ! 98: #else /* ! HAVE_SAVED_SETUID */ ! 99: /* There's no way to switch between real permissions and effective ! 100: permissions. Just try to open the file with the uucp ! 101: permissions. */ ! 102: #endif /* ! HAVE_SAVED_SETUID */ ! 103: #endif /* ! HAVE_SETREUID */ ! 104: ! 105: return TRUE; ! 106: } ! 107: ! 108: /* Restore the uucp permissions. */ ! 109: ! 110: /*ARGSUSED*/ ! 111: static boolean ! 112: fsuucp_perms (ieuid) ! 113: long ieuid; ! 114: { ! 115: #if HAVE_SETREUID ! 116: /* Swap effective and real user id's back to what they were. */ ! 117: if (! fsuser_perms ((uid_t *) NULL)) ! 118: return FALSE; ! 119: #else /* ! HAVE_SETREUID */ ! 120: #if HAVE_SAVED_SETUID ! 121: /* Set ourselves back to our original effective user id. */ ! 122: if (setuid ((uid_t) ieuid) < 0) ! 123: { ! 124: ulog (LOG_ERROR, "setuid (%ld): %s", (long) ieuid, strerror (errno)); ! 125: /* Is this error message helpful or confusing? */ ! 126: if (errno == EPERM) ! 127: ulog (LOG_ERROR, ! 128: "Probably HAVE_SAVED_SETUID in policy.h should be set to 0"); ! 129: return FALSE; ! 130: } ! 131: #else /* ! HAVE_SAVED_SETUID */ ! 132: /* We didn't switch, no need to switch back. */ ! 133: #endif /* ! HAVE_SAVED_SETUID */ ! 134: #endif /* ! HAVE_SETREUID */ ! 135: ! 136: return TRUE; ! 137: } ! 138: ! 139: /* Open a file with the permissions of the invoking user. Ignore the ! 140: fbinary argument since Unix has no distinction between text and ! 141: binary files. */ ! 142: ! 143: /*ARGSUSED*/ ! 144: openfile_t ! 145: esysdep_user_fopen (zfile, frd, fbinary) ! 146: const char *zfile; ! 147: boolean frd; ! 148: boolean fbinary; ! 149: { ! 150: uid_t ieuid; ! 151: openfile_t e; ! 152: const char *zerr; ! 153: int o = 0; ! 154: ! 155: if (! fsuser_perms (&ieuid)) ! 156: return EFILECLOSED; ! 157: ! 158: zerr = NULL; ! 159: ! 160: #if USE_STDIO ! 161: e = fopen (zfile, frd ? "r" : "w"); ! 162: if (e == NULL) ! 163: zerr = "fopen"; ! 164: else ! 165: o = fileno (e); ! 166: #else ! 167: if (frd) ! 168: { ! 169: e = open ((char *) zfile, O_RDONLY | O_NOCTTY, 0); ! 170: zerr = "open"; ! 171: } ! 172: else ! 173: { ! 174: e = creat ((char *) zfile, IPUBLIC_FILE_MODE); ! 175: zerr = "creat"; ! 176: } ! 177: if (e >= 0) ! 178: { ! 179: o = e; ! 180: zerr = NULL; ! 181: } ! 182: #endif ! 183: ! 184: if (! fsuucp_perms ((long) ieuid)) ! 185: { ! 186: if (ffileisopen (e)) ! 187: (void) ffileclose (e); ! 188: return EFILECLOSED; ! 189: } ! 190: ! 191: if (zerr != NULL) ! 192: { ! 193: ulog (LOG_ERROR, "%s (%s): %s", zerr, zfile, strerror (errno)); ! 194: #if ! HAVE_SETREUID ! 195: /* Are these error messages helpful or confusing? */ ! 196: #if HAVE_SAVED_SETUID ! 197: if (errno == EACCES && getuid () == 0) ! 198: ulog (LOG_ERROR, ! 199: "The superuser may only transfer files that are readable by %s", ! 200: OWNER); ! 201: #else ! 202: if (errno == EACCES) ! 203: ulog (LOG_ERROR, ! 204: "You may only transfer files that are readable by %s", OWNER); ! 205: #endif ! 206: #endif /* ! HAVE_SETREUID */ ! 207: return EFILECLOSED; ! 208: } ! 209: ! 210: if (fcntl (o, F_SETFD, fcntl (o, F_GETFD, 0) | FD_CLOEXEC) < 0) ! 211: { ! 212: ulog (LOG_ERROR, "fcntl (FD_CLOEXEC): %s", strerror (errno)); ! 213: (void) ffileclose (e); ! 214: return EFILECLOSED; ! 215: } ! 216: ! 217: return e; ! 218: }
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.