go back to running these as root from inetd. however once rpc.{rusersd,rstatd}

starts, do a chroot to /var/empty and change to user nobody.
hi mom, i'm in jail!

1 files changed, 35 insertions, 14 deletions

diff --git a/libexec/rpc.rusersd/rusersd.c b/libexec/rpc.rusersd/rusersd.c
index 559d83f0d09..00c60594683 100644
--- a/libexec/rpc.rusersd/rusersd.c
+++ b/libexec/rpc.rusersd/rusersd.c
@@ -1,9 +1,9 @@
-/*	$OpenBSD: rusersd.c,v 1.6 2002/06/09 04:06:42 deraadt Exp $	*/
+/*	$OpenBSD: rusersd.c,v 1.7 2002/06/28 22:40:33 deraadt Exp $	*/
 
 /*-
  *  Copyright (c) 1993 John Brezak
  *  All rights reserved.
- * 
+ *
  *  Redistribution and use in source and binary forms, with or without
  *  modification, are permitted provided that the following conditions
  *  are met:
@@ -14,7 +14,7 @@
  *     documentation and/or other materials provided with the distribution.
  *  3. The name of the author may not be used to endorse or promote products
  *     derived from this software without specific prior written permission.
- * 
+ *
  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR `AS IS'' AND ANY EXPRESS OR
  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
@@ -29,27 +29,31 @@
  */
 
 #ifndef lint
-static char rcsid[] = "$OpenBSD: rusersd.c,v 1.6 2002/06/09 04:06:42 deraadt Exp $";
+static char rcsid[] = "$OpenBSD: rusersd.c,v 1.7 2002/06/28 22:40:33 deraadt Exp $";
 #endif /* not lint */
 
 #include <sys/types.h>
 #include <sys/socket.h>
+#include <sys/file.h>
 #include <stdio.h>
 #include <signal.h>
 #include <unistd.h>
 #include <stdlib.h>
+#include <pwd.h>
 #include <syslog.h>
 #include <rpc/rpc.h>
 #include <rpcsvc/rusers.h>	/* New version */
 #include <rpcsvc/rnusers.h>	/* Old version */
 #include <rpc/pmap_clnt.h>
+#include <utmp.h>
 
 extern void rusers_service(struct svc_req *, SVCXPRT *);
 
 int from_inetd = 1;
+int utmp_fd;
 
 void
-cleanup()
+cleanup(int signo)
 {
 	(void) pmap_unset(RUSERSPROG, RUSERSVERS_3);	/* XXX signal races */
 	(void) pmap_unset(RUSERSPROG, RUSERSVERS_IDLE);
@@ -58,15 +62,32 @@ cleanup()
 }
 
 int
-main(argc, argv)
-	int argc;
-	char *argv[];
+main(int argc, char *argv[])
 {
-	SVCXPRT *transp;
-	int sock = 0;
-	int proto = 0;
+	int sock = 0, proto = 0, fromlen;
 	struct sockaddr_in from;
-	int fromlen;
+	struct passwd *pw;
+	SVCXPRT *transp;
+
+	if (utmp_fd = open(_PATH_UTMP, O_RDONLY) == -1) {
+		syslog(LOG_ERR, "cannot open %s", _PATH_UTMP);
+		exit(1);
+	}
+
+	pw = getpwnam("nobody");
+	if (chroot("/var/empty") == -1) {
+		syslog(LOG_ERR, "cannot chdir to /var/empty.");
+		exit(1);
+	}
+	chdir("/");
+
+	if (pw) {
+		setgroups(1, &pw->pw_gid);
+		setegid(pw->pw_gid);
+		setgid(pw->pw_gid);
+		seteuid(pw->pw_uid);
+		setegid(pw->pw_uid);
+	}
 
 	/*
 	 * See if inetd started us
@@ -77,7 +98,7 @@ main(argc, argv)
 		sock = RPC_ANYSOCK;
 		proto = IPPROTO_UDP;
 	}
-	
+
 	if (!from_inetd) {
 		daemon(0, 0);
 
@@ -91,7 +112,7 @@ main(argc, argv)
 	}
 
 	openlog("rpc.rusersd", LOG_CONS|LOG_PID, LOG_DAEMON);
-	
+
 	transp = svcudp_create(sock);
 	if (transp == NULL) {
 		syslog(LOG_ERR, "cannot create udp service.");