Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Don't abuse INSECURE for allowing exec() to load files not owned by uid 0.

Browse Source 
Adjust references where this has been used.
This commit is contained in:
elad 2009-12-29 20:21:45 +00:00
parent f550d323b5
commit 251a5f50bc
5 changed files with 13 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
sys/arch/amiga/stand/bootblock/boot/Makefile
View File

@ -1,4 +1,4 @@
# $NetBSD: Makefile,v 1.40 2009/10/17 11:18:17 mlelstv Exp $
# $NetBSD: Makefile,v 1.41 2009/12/29 20:21:45 elad Exp $
.include <bsd.sys.mk> # for HOST_SH
@ -48,8 +48,8 @@ SOBJS += libstubs.o
OBJS= $(SOBJS) $(COBJS)
#XX#DEFS = -D_STANDALONE -DINSECURE -DDYNAMIC_CRC_TABLE -DNOBYFOUR -UBYFOUR
DEFS = -D_STANDALONE -DINSECURE
#XX#DEFS = -D_STANDALONE -DSA_EXEC_ANYOWNER -DDYNAMIC_CRC_TABLE -DNOBYFOUR -UBYFOUR
DEFS = -D_STANDALONE -DSA_EXEC_ANYOWNER
DEFS += -D__INTERNAL_LIBSA_CREAD
#DEFS += -DSERCONSOLE
SOBJS += cread.o

4
sys/arch/amiga/stand/bootblock/bootxx_ffs/Makefile
View File

@ -1,4 +1,4 @@
# $NetBSD: Makefile,v 1.11 2009/01/12 07:42:30 tsutsui Exp $
# $NetBSD: Makefile,v 1.12 2009/12/29 20:21:46 elad Exp $
### what we need:
@ -33,7 +33,7 @@ SOBJS += libstubs.o memcmp.o memmove.o memset.o strncmp.o
OBJS= $(SOBJS) $(COBJS)
DEFS = -D_STANDALONE -DINSECURE -D_PRIMARY_BOOT
DEFS = -D_STANDALONE -DSA_EXEC_ANYOWNER -D_PRIMARY_BOOT
.NOPATH: ${OBJS} x.out f.out libboot.a xxstart.o

4
sys/arch/amiga/stand/bootblock/ppcboot/Makefile
View File

@ -1,4 +1,4 @@
# $NetBSD: Makefile,v 1.6 2008/10/19 22:05:21 apb Exp $
# $NetBSD: Makefile,v 1.7 2009/12/29 20:21:46 elad Exp $
### what we need:
@ -28,7 +28,7 @@ SOBJS += libstubs.o
OBJS= $(SOBJS) $(COBJS)
DEFS = -DPPCBOOTER -D_STANDALONE -DINSECURE -DDEBUG_MEMORY_LIST
DEFS = -DPPCBOOTER -D_STANDALONE -DSA_EXEC_ANYOWNER -DDEBUG_MEMORY_LIST
### main target: ###

4
sys/arch/next68k/stand/boot/Makefile
View File

@ -1,4 +1,4 @@
# $NetBSD: Makefile,v 1.22 2009/01/12 07:47:47 tsutsui Exp $
# $NetBSD: Makefile,v 1.23 2009/12/29 20:21:46 elad Exp $
NOMAN= # defined
@ -25,7 +25,7 @@ RELOC= 4380000
# XXX make defs arch-indep.
INCLUDES+= -I${.OBJDIR} -I${S}/arch -I${S} -I${S}/lib/libsa
DEFS+= -D_STANDALONE -DMC68040 -DSUPPORT_BOOTP -DSUPPORT_DHCP -DDEBUG -DSD_DEBUG -DSCSI_DEBUG # -DEN_DEBUG -DNETIF_DEBUG
SAMISCCPPFLAGS= -DSUPPORT_DHCP -DSUPPORT_BOOTP -DINSECURE # -DBOOTP_DEBUG -DETHER_DEBUG -DNET_DEBUG # -DNETIF_DEBUG -DNFS_DEBUG -DARP_DEBUG
SAMISCCPPFLAGS= -DSUPPORT_DHCP -DSUPPORT_BOOTP -DSA_EXEC_ANYOWNER # -DBOOTP_DEBUG -DETHER_DEBUG -DNET_DEBUG # -DNETIF_DEBUG -DNFS_DEBUG -DARP_DEBUG
WARNS=1
CFLAGS+= -ffreestanding -nostdinc ${INCLUDES} ${DEFS}
CFLAGS+= -Wall -Wmissing-prototypes -Wstrict-prototypes -Wpointer-arith

12
sys/lib/libsa/exec.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: exec.c,v 1.27 2009/08/16 13:26:16 matt Exp $ */
/* $NetBSD: exec.c,v 1.28 2009/12/29 20:21:46 elad Exp $ */
/*-
* Copyright (c) 1982, 1986, 1990, 1993
@ -29,13 +29,9 @@
* SUCH DAMAGE.
*/
#ifdef _KERNEL_OPT
#include "opt_insecure.h"
#endif
#include <sys/param.h>
#include <sys/reboot.h>
#ifndef INSECURE
#ifndef SA_EXEC_ANYOWNER
#include <sys/stat.h>
#endif
#include <sys/exec_aout.h>
@ -50,7 +46,7 @@
void
exec(char *path, char *loadaddr, int howto)
{
#ifndef INSECURE
#ifndef SA_EXEC_ANYOWNER
struct stat sb;
#endif
struct exec x;
@ -61,7 +57,7 @@ exec(char *path, char *loadaddr, int howto)
if (io < 0)
return;
#ifndef INSECURE
#ifndef SA_EXEC_ANYOWNER
(void) fstat(io, &sb);
if (sb.st_uid || (sb.st_mode & 2)) {
printf("non-secure file, will not load\n");