diff options
author | Artur Grabowski <art@cvs.openbsd.org> | 2002-03-17 00:22:05 +0000 |
---|---|---|
committer | Artur Grabowski <art@cvs.openbsd.org> | 2002-03-17 00:22:05 +0000 |
commit | 1dcd6be8c6cc918288d483c117271fc3db53b62a (patch) | |
tree | 1a12379af49ca2f4511982dc7bba2753657641ce /libexec/ld.so | |
parent | c9687eaa307d461d9af0e5fd16d741bbde32eee3 (diff) |
Clean up the zapping of bad variables. Instead of implementing
_dl_suid_ok, just use the issetugid syscall.
ok drahn@.
Diffstat (limited to 'libexec/ld.so')
-rw-r--r-- | libexec/ld.so/alpha/ldasm.S | 26 | ||||
-rw-r--r-- | libexec/ld.so/alpha/syscall.h | 24 | ||||
-rw-r--r-- | libexec/ld.so/loader.c | 5 | ||||
-rw-r--r-- | libexec/ld.so/powerpc/syscall.h | 66 | ||||
-rw-r--r-- | libexec/ld.so/resolve.h | 3 | ||||
-rw-r--r-- | libexec/ld.so/sparc64/ldasm.S | 52 | ||||
-rw-r--r-- | libexec/ld.so/sparc64/syscall.h | 24 |
7 files changed, 22 insertions, 178 deletions
diff --git a/libexec/ld.so/alpha/ldasm.S b/libexec/ld.so/alpha/ldasm.S index 609a1b1ac81..5fea7c60807 100644 --- a/libexec/ld.so/alpha/ldasm.S +++ b/libexec/ld.so/alpha/ldasm.S @@ -1,4 +1,4 @@ -/* $OpenBSD: ldasm.S,v 1.4 2001/09/24 21:37:06 art Exp $ */ +/* $OpenBSD: ldasm.S,v 1.5 2002/03/17 00:22:04 art Exp $ */ /* * Copyright (c) 2001 Niklas Hallqvist @@ -258,29 +258,11 @@ LEAF_NOPROFILE(_dl_mprotect, 3) RET END(_dl_mprotect) -LEAF_NOPROFILE(_dl_getuid, 0) - ldiq v0, SYS_getuid +LEAF_NOPROFILE(_dl_issetugid, 0) + ldiq v0, SYS_issetugid call_pal PAL_OSF1_callsys RET -END(_dl_getuid) - -LEAF_NOPROFILE(_dl_geteuid, 0) - ldiq v0, SYS_geteuid - call_pal PAL_OSF1_callsys - RET -END(_dl_geteuid) - -LEAF_NOPROFILE(_dl_getgid, 0) - ldiq v0, SYS_getgid - call_pal PAL_OSF1_callsys - RET -END(_dl_getgid) - -LEAF_NOPROFILE(_dl_getegid, 0) - ldiq v0, SYS_getegid - call_pal PAL_OSF1_callsys - RET -END(_dl_getegid) +END(_dl_issetugid) #ifdef USE_CACHE LEAF_NOPROFILE(_dl_stat, 2) diff --git a/libexec/ld.so/alpha/syscall.h b/libexec/ld.so/alpha/syscall.h index ace18414da3..06f257da9b5 100644 --- a/libexec/ld.so/alpha/syscall.h +++ b/libexec/ld.so/alpha/syscall.h @@ -1,4 +1,4 @@ -/* $OpenBSD: syscall.h,v 1.4 2002/02/21 23:17:53 drahn Exp $ */ +/* $OpenBSD: syscall.h,v 1.5 2002/03/17 00:22:04 art Exp $ */ /* * Copyright (c) 2001 Niklas Hallqvist @@ -46,10 +46,7 @@ int _dl_close(int); int _dl_exit(int); -int _dl_getegid(void); -int _dl_geteuid(void); -int _dl_getgid(void); -int _dl_getuid(void); +int _dl_issetugid(void); long _dl_mmap(void *, unsigned int, unsigned int, unsigned int, int, off_t); int _dl_mprotect(const void *, int, int); int _dl_munmap(const void*, unsigned int); @@ -60,22 +57,5 @@ int _dl_stat(const char *, struct stat *); #endif int _dl_write(int, const char*, int); -/* - * Not an actual syscall, but we need something in assembly to say - * whether this is OK or not. - */ - -static inline int -_dl_suid_ok (void) -{ - unsigned int uid, euid, gid, egid; - - uid = _dl_getuid(); - euid = _dl_geteuid(); - gid = _dl_getgid(); - egid = _dl_getegid(); - return (uid == euid && gid == egid); -} - #include <elf_abi.h> #endif /*__DL_SYSCALL_H__*/ diff --git a/libexec/ld.so/loader.c b/libexec/ld.so/loader.c index 47697ad4d84..cb75f6b876e 100644 --- a/libexec/ld.so/loader.c +++ b/libexec/ld.so/loader.c @@ -1,4 +1,4 @@ -/* $OpenBSD: loader.c,v 1.25 2002/03/07 00:53:26 art Exp $ */ +/* $OpenBSD: loader.c,v 1.26 2002/03/17 00:22:04 art Exp $ */ /* * Copyright (c) 1998 Per Fogelstrom, Opsycon AB @@ -51,7 +51,6 @@ static char *_dl_getenv(const char *var, const char **env); const char *_dl_progname; int _dl_pagesz; -int _dl_trusted; char *_dl_libpath; char *_dl_preload; @@ -135,7 +134,7 @@ _dl_boot(const char **argv, const char **envp, const long loff, * Don't allow someone to change the search paths if he runs * a suid program without credentials high enough. */ - if ((_dl_trusted = !_dl_suid_ok())) { /* Zap paths if s[ug]id... */ + if (_dl_issetugid()) { /* Zap paths if s[ug]id... */ if (_dl_preload) { *_dl_preload = '\0'; } diff --git a/libexec/ld.so/powerpc/syscall.h b/libexec/ld.so/powerpc/syscall.h index eccc62229fa..d539e591e65 100644 --- a/libexec/ld.so/powerpc/syscall.h +++ b/libexec/ld.so/powerpc/syscall.h @@ -1,4 +1,4 @@ -/* $OpenBSD: syscall.h,v 1.4 2002/02/21 23:17:53 drahn Exp $ */ +/* $OpenBSD: syscall.h,v 1.5 2002/03/17 00:22:04 art Exp $ */ /* * Copyright (c) 1998 Per Fogelstrom, Opsycon AB @@ -216,56 +216,8 @@ _dl_stat (const char *addr, struct stat *sb) #endif -/* Not an actual syscall, but we need something in assembly to say - whether this is OK or not. */ - -static inline int -_dl_getuid () -{ - register int status __asm__ ("3"); - __asm__ volatile ("mr 0,%1\n\t" - "sc\n\t" - "cmpwi 0, 0\n\t" - "beq 1f\n\t" - "li 3,-1\n\t" - "1:" - : "=r" (status) - : "r" (SYS_getuid) - : "0", "3"); - return status; -} -static inline int -_dl_geteuid () -{ - register int status __asm__ ("3"); - __asm__ volatile ("mr 0,%1\n\t" - "sc\n\t" - "cmpwi 0, 0\n\t" - "beq 1f\n\t" - "li 3,-1\n\t" - "1:" - : "=r" (status) - : "r" (SYS_geteuid) - : "0", "3"); - return status; -} -static inline int -_dl_getgid () -{ - register int status __asm__ ("3"); - __asm__ volatile ("mr 0,%1\n\t" - "sc\n\t" - "cmpwi 0, 0\n\t" - "beq 1f\n\t" - "li 3,-1\n\t" - "1:" - : "=r" (status) - : "r" (SYS_getgid) - : "0", "3"); - return status; -} static inline int -_dl_getegid () +_dl_issetugid() { register int status __asm__ ("3"); __asm__ volatile ("mr 0,%1\n\t" @@ -275,21 +227,9 @@ _dl_getegid () "li 3,-1\n\t" "1:" : "=r" (status) - : "r" (SYS_getgid) + : "r" (SYS_issetugid) : "0", "3"); return status; } -static inline int -_dl_suid_ok (void) -{ - unsigned int uid, euid, gid, egid; - - uid = _dl_getuid(); - euid = _dl_geteuid(); - gid = _dl_getgid(); - egid = _dl_getegid(); - return (uid == euid && gid == egid); -} - #include <elf_abi.h> #endif /*__DL_SYSCALL_H__*/ diff --git a/libexec/ld.so/resolve.h b/libexec/ld.so/resolve.h index 442f3bfadc1..0d06bfb482a 100644 --- a/libexec/ld.so/resolve.h +++ b/libexec/ld.so/resolve.h @@ -1,4 +1,4 @@ -/* $OpenBSD: resolve.h,v 1.7 2002/02/21 23:17:53 drahn Exp $ */ +/* $OpenBSD: resolve.h,v 1.8 2002/03/17 00:22:04 art Exp $ */ /* * Copyright (c) 1998 Per Fogelstrom, Opsycon AB @@ -146,7 +146,6 @@ extern const char *_dl_progname; extern struct r_debug *_dl_debug_map; extern int _dl_pagesz; -extern int _dl_trusted; extern int _dl_errno; extern char *_dl_libpath; diff --git a/libexec/ld.so/sparc64/ldasm.S b/libexec/ld.so/sparc64/ldasm.S index 7871a31966b..a466cb5b260 100644 --- a/libexec/ld.so/sparc64/ldasm.S +++ b/libexec/ld.so/sparc64/ldasm.S @@ -1,4 +1,4 @@ -/* $OpenBSD: ldasm.S,v 1.8 2002/03/15 14:52:39 drahn Exp $ */ +/* $OpenBSD: ldasm.S,v 1.9 2002/03/17 00:22:04 art Exp $ */ /* $NetBSD: rtld_start.S,v 1.5 2001/08/14 22:17:48 eeh Exp $ */ /* @@ -240,50 +240,14 @@ _dl_exit: .section ".text" .align 4 - .global _dl_getegid - .type _dl_getegid,@function -_dl_getegid: - mov SYS_getegid | SYSCALL_G2RFLAG, %g1 ! call sys_exit - add %o7, 8, %g2 ! just return on sucess - t ST_SYSCALL ! off to wonderland - retl - sub %g0, %o0, %o0 ! error: result = -errno - - - .section ".text" - .align 4 - .global _dl_geteuid - .type _dl_geteuid,@function -_dl_geteuid: - mov SYS_geteuid | SYSCALL_G2RFLAG, %g1 ! call sys_exit - add %o7, 8, %g2 ! just return on sucess - t ST_SYSCALL ! off to wonderland + .global _dl_issetugid + .type _dl_issetugid,@function +_dl_issetugid: + mov SYS_issetugid | SYSCALL_G2RFLAG, %g1 + add %o7, 8, %g2 + t ST_SYSCALL retl - sub %g0, %o0, %o0 ! error: result = -errno - - - .section ".text" - .align 4 - .global _dl_getgid - .type _dl_getgid,@function -_dl_getgid: - mov SYS_getgid | SYSCALL_G2RFLAG, %g1 ! call sys_exit - add %o7, 8, %g2 ! just return on sucess - t ST_SYSCALL ! off to wonderland - retl - sub %g0, %o0, %o0 ! error: result = -errno - - - .section ".text" - .align 4 - .global _dl_getuid - .type _dl_getuid,@function -_dl_getuid: - mov SYS_getuid | SYSCALL_G2RFLAG, %g1 ! call sys_exit - add %o7, 8, %g2 ! just return on sucess - t ST_SYSCALL ! off to wonderland - retl - sub %g0, %o0, %o0 ! error: result = -errno + sub %g0, %o0, %o0 .section ".text" diff --git a/libexec/ld.so/sparc64/syscall.h b/libexec/ld.so/sparc64/syscall.h index f5bcca662b9..9cc0b69ba14 100644 --- a/libexec/ld.so/sparc64/syscall.h +++ b/libexec/ld.so/sparc64/syscall.h @@ -1,4 +1,4 @@ -/* $OpenBSD: syscall.h,v 1.4 2002/02/21 23:17:53 drahn Exp $ */ +/* $OpenBSD: syscall.h,v 1.5 2002/03/17 00:22:04 art Exp $ */ /* * Copyright (c) 2001 Niklas Hallqvist @@ -47,10 +47,7 @@ int _dl_close(int); int _dl_exit(int); -int _dl_getegid(void); -int _dl_geteuid(void); -int _dl_getgid(void); -int _dl_getuid(void); +int _dl_issetugid(void); long _dl___syscall(quad_t, ...); int _dl_mprotect(const void *, int, int); int _dl_munmap(const void*, unsigned int); @@ -61,22 +58,5 @@ int _dl_stat(const char *, struct stat *); #endif int _dl_write(int, const char*, int); -/* - * Not an actual syscall, but we need something in assembly to say - * whether this is OK or not. - */ - -static inline int -_dl_suid_ok (void) -{ - unsigned int uid, euid, gid, egid; - - uid = _dl_getuid(); - euid = _dl_geteuid(); - gid = _dl_getgid(); - egid = _dl_getegid(); - return (uid == euid && gid == egid); -} - #include <elf_abi.h> #endif /*__DL_SYSCALL_H__*/ |