authorDarren Tucker <dtucker@cvs.openbsd.org>2004-12-13 12:39:16 +0000
committerDarren Tucker <dtucker@cvs.openbsd.org>2004-12-13 12:39:16 +0000
commitd3df4410f53562535f90d396cf419c00819c994e (patch)
tree94bccab905f179d2b1835c8ffb54a25c6b47be34
parentf23c79cf24031bf7d4a42a6de191587765ed6367 (diff)
Sanity check owner and permissions of privsep directory, like sshd does;
ok henning@
-rw-r--r--usr.sbin/ntpd/ntp.c8
1 files changed, 7 insertions, 1 deletions
diff --git a/usr.sbin/ntpd/ntp.c b/usr.sbin/ntpd/ntp.c
index 0646e850942..f7056b2802c 100644
--- a/usr.sbin/ntpd/ntp.c
+++ b/usr.sbin/ntpd/ntp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ntp.c,v 1.43 2004/12/13 12:36:02 dtucker Exp $ */
+/* $OpenBSD: ntp.c,v 1.44 2004/12/13 12:39:15 dtucker Exp $ */
/*
* Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -19,6 +19,7 @@
#include <sys/param.h>
#include <sys/time.h>
+#include <sys/stat.h>
#include <errno.h>
#include <fcntl.h>
#include <paths.h>
@@ -72,6 +73,7 @@ ntp_main(int pipe_prnt[2], struct ntpd_conf *nconf)
struct ntp_peer *p;
struct ntp_peer **idx2peer = NULL;
struct timespec tp;
+ struct stat stb;
time_t nextaction;
void *newp;
@@ -93,6 +95,10 @@ ntp_main(int pipe_prnt[2], struct ntpd_conf *nconf)
if ((nullfd = open(_PATH_DEVNULL, O_RDWR, 0)) == -1)
fatal(NULL);
+ if (stat(pw->pw_dir, &stb) == -1)
+ fatal("stat");
+ if (stb.st_uid != 0 || (stb.st_mode & (S_IWGRP|S_IWOTH)) != 0)
+ fatal("bad privsep dir permissions");
if (chroot(pw->pw_dir) == -1)
fatal("chroot");
if (chdir("/") == -1)
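Review bot: The added `stat(pw->pw_dir, &stb)` check validates only the final directory, so it holds only if every ancestor of `pw->pw_dir` is also root-owned and not group- or other-writable. `stat()` and `chroot()` resolve the path separately, so a writable ancestor would let the directory change between the two calls. I would record that assumption next to the check, e.g. `/* privsep dir must be root-owned and not group/world-writable; ancestor directories are assumed safe */`. Separately, `fatal("bad privsep dir permissions")` is reached without a failing system call; if fatal() appends strerror(errno) (its definition is not visible here), the log line could carry a stale error, and `errno = 0;` before the call would avoid that. ntp_main's body starts and ends outside this hunk.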