Diffstat (limited to 'bin/systrace/systrace.c')
-rw-r--r-- | bin/systrace/systrace.c | 67 |
1 files changed, 55 insertions, 12 deletions
diff --git a/bin/systrace/systrace.c b/bin/systrace/systrace.c
index 9b5bd1c2be2..a5e5bdb8244 100644
--- a/bin/systrace/systrace.c
+++ b/bin/systrace/systrace.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: systrace.c,v 1.43 2003/06/16 06:36:40 itojun Exp $ */
+/* $OpenBSD: systrace.c,v 1.44 2003/07/19 11:48:58 sturm Exp $ */
 /*
 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
 * All rights reserved.
@@ -44,6 +44,7 @@
 #include <string.h>
 #include <err.h>
 #include <errno.h>
+#include <grp.h>
 #include <pwd.h>
 #include "intercept.h"
@@ -297,7 +298,7 @@ gen_cb(int fd, pid_t pid, int policynr, const char *name, int code,
 goto out;
 }
- action = filter_ask(fd, NULL, NULL, policynr, emulation, name,
+ action = filter_ask(fd, NULL, pflq, policynr, emulation, name,
 output, &future, ipid);
 if (future != ICPOLICY_ASK)
 systrace_modifypolicy(fd, policynr, name, future);
@@ -408,8 +409,8 @@ static void
 usage(void)
 {
 fprintf(stderr,
- "Usage: systrace [-aAituU] [-d poldir] [-g gui] [-f policy]\n"
- "\t [-c uid:gid] [-p pid] command ...\n");
+ "Usage: systrace [-AaitUu] [-c uid:gid] [-d policydir] [-f file]\n"
+ "\t [-g gui] [-p pid] command ...\n");
 exit(1);
 }
@@ -460,6 +461,54 @@ requestor_start(char *path)
 return (0);
 }
+static int
+get_uid_gid(const char *argument, uid_t *uid, gid_t *gid)
+{
+ struct group *gp;
+ struct passwd *pw;
+ unsigned long ulval;
+ char uid_gid_str[128];
+ char *endp, *g, *u;
+
+ strlcpy(uid_gid_str, argument, sizeof(uid_gid_str));
+ g = uid_gid_str;
+ u = strsep(&g, ":");
+
+ if ((pw = getpwnam(u)) != NULL) {
+ memset(pw->pw_passwd, 0, strlen(pw->pw_passwd));
+ *uid = pw->pw_uid;
+ *gid = pw->pw_gid;
+ /* Ok if group not specified. */
+ if (g == NULL)
+ return (0);
+ } else {
+ errno = 0;
+ ulval = strtoul(u, &endp, 10);
+ if (u[0] == '\0' || *endp != '\0')
+ errx(1, "no such user '%s'", u);
+ if (errno == ERANGE && ulval == ULONG_MAX)
+ errx(1, "invalid uid %s", u);
+ *uid = (uid_t)ulval;
+ }
+
+ if (g == NULL)
+ return (-1);
+
+ if ((gp = getgrnam(g)) != NULL)
+ *gid = gp->gr_gid;
+ else {
+ errno = 0;
+ ulval = strtoul(g, &endp, 10);
+ if (g[0] == '\0' || *endp != '\0')
+ errx(1, "no such group '%s'", g);
+ if (errno == ERANGE && ulval == ULONG_MAX)
+ errx(1, "invalid gid %s", g);
+ *gid = (gid_t)ulval;
+ }
+
+ return (0);
+}
+
 int
 main(int argc, char **argv)
 {
@@ -467,7 +516,7 @@ main(int argc, char **argv)
 char **args;
 char *filename = NULL;
 char *policypath = NULL;
- char *guipath = _PATH_XSYSTRACE, *p;
+ char *guipath = _PATH_XSYSTRACE;
 struct timeval tv, tv_wait = {60, 0};
 pid_t pidattach = 0;
 int usex11 = 1, count;
@@ -479,14 +528,8 @@ main(int argc, char **argv)
 while ((c = getopt(argc, argv, "c:aAituUd:g:f:p:")) != -1) {
 switch (c) {
 case 'c':
- p = strsep(&optarg, ":");
- if (optarg == NULL || *optarg == '\0')
- usage();
 setcredentials = 1;
- cr_uid = atoi(p);
- cr_gid = atoi(optarg);
-
- if (cr_uid <= 0 || cr_gid <= 0)
+ if (get_uid_gid(optarg, &cr_uid, &cr_gid) == -1)
 usage();
 break;
 case 'a':
|
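Review bot: The numeric fallbacks in get_uid_gid() cast the strtoul() result straight to uid_t and gid_t, so a number wider than the id type is silently truncated to a different id instead of being rejected; only the ERANGE case is caught. Both branches should also bound the value, for example against UID_MAX and GID_MAX, which like ULONG_MAX would come from <limits.h> (the commit adds only <grp.h>, so confirm that header is already included). The strlcpy() into the 128-byte uid_gid_str is also unchecked, so an over-long -c argument is looked up in truncated form; compare its return value with sizeof(uid_gid_str) and fail. For consistency the group branch could scrub gp->gr_passwd the way pw->pw_passwd is scrubbed.

```c
	if (strlcpy(uid_gid_str, argument, sizeof(uid_gid_str)) >=
	    sizeof(uid_gid_str))
		errx(1, "uid:gid argument too long");
	/* … unchanged: strsep() split, getpwnam() lookup, strtoul() of u … */
		if ((errno == ERANGE && ulval == ULONG_MAX) || ulval > UID_MAX)
			errx(1, "invalid uid %s", u);
	/* … unchanged: missing-group return, getgrnam() lookup, strtoul() of g … */
		if ((errno == ERANGE && ulval == ULONG_MAX) || ulval > GID_MAX)
			errx(1, "invalid gid %s", g);
```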
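Review bot: The removed `if (cr_uid <= 0 || cr_gid <= 0)` test refused id 0, while the new `case 'c':` branch accepts whatever get_uid_gid() resolves, including uid 0 and gid 0 given by name or by number. If `-c` is meant only to select an unprivileged identity, keep the guard, e.g. `if (get_uid_gid(optarg, &cr_uid, &cr_gid) == -1 || cr_uid == 0 || cr_gid == 0)`; if accepting 0 is intended, a one-line comment saying so would make the change in policy explicit. `setcredentials = 1` is still assigned before the argument is validated, which is harmless only because usage() exits. The rest of main() lies outside the hunk.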