wine/gecko
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-gecko.git synced 2024-09-13 09:24:08 -07:00
Code Issues Packages Projects Releases Wiki Activity

Bug 786631, part 1: Refactor privilege adjustment. r=dhylands

Browse Source
This commit is contained in:
Chris Jones 2013-01-17 12:06:36 -08:00
parent 8e180ba6d7
commit 61289b3aab
4 changed files with 78 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
ipc/chromium/src/base/process_util.h
View File

@ -131,7 +131,8 @@ enum ChildPrivileges {
PRIVILEGES_UNPRIVILEGED,
PRIVILEGES_CAMERA,
PRIVILEGES_VIDEO,
PRIVILEGES_INHERIT
PRIVILEGES_INHERIT,
PRIVILEGES_LAST
};
#if defined(OS_WIN)
@ -179,9 +180,12 @@ bool LaunchApp(const std::vector<std::string>& argv,
const environment_map& env_vars_to_set,
bool wait, ProcessHandle* process_handle,
ProcessArchitecture arch=GetCurrentProcessArchitecture());
#endif
// Adjust the privileges of this process to match |privs|. Only
// returns if privileges were successfully adjusted.
void SetCurrentProcessPrivileges(ChildPrivileges privs);
// Executes the application specified by cl. This function delegates to one
// of the above two platform-specific functions.
bool LaunchApp(const CommandLine& cl,

122
ipc/chromium/src/base/process_util_linux.cc
View File

@ -231,64 +231,7 @@ bool LaunchApp(const std::vector<std::string>& argv,
argv_cstr[i] = const_cast<char*>(argv[i].c_str());
argv_cstr[argv.size()] = NULL;
if (privs != PRIVILEGES_INHERIT) {
gid_t gid = CHILD_UNPRIVILEGED_GID;
uid_t uid = CHILD_UNPRIVILEGED_UID;
#ifdef MOZ_WIDGET_GONK
{
static bool checked_pix_max, pix_max_ok;
if (!checked_pix_max) {
checked_pix_max = true;
int fd = open("/proc/sys/kernel/pid_max", O_CLOEXEC | O_RDONLY);
if (fd < 0) {
DLOG(ERROR) << "Failed to open pid_max";
_exit(127);
}
char buf[PATH_MAX];
ssize_t len = read(fd, buf, sizeof(buf) - 1);
close(fd);
if (len < 0) {
DLOG(ERROR) << "Failed to read pid_max";
_exit(127);
}
buf[len] = '\0';
int pid_max = atoi(buf);
pix_max_ok =
(pid_max + CHILD_UNPRIVILEGED_UID > CHILD_UNPRIVILEGED_UID);
}
if (!pix_max_ok) {
DLOG(ERROR) << "Can't safely get unique uid/gid";
_exit(127);
}
gid += getpid();
uid += getpid();
}
if (privs == PRIVILEGES_CAMERA) {
gid_t groups[] = { AID_AUDIO, AID_CAMERA, AID_SDCARD_RW };
if (setgroups(sizeof(groups) / sizeof(groups[0]), groups) != 0) {
DLOG(ERROR) << "FAILED TO setgroups() CHILD PROCESS, path: " << argv_cstr[0];
_exit(127);
}
}
else if (privs == PRIVILEGES_VIDEO) {
gid_t groups[] = { AID_AUDIO, AID_MEDIA };
if (setgroups(sizeof(groups) / sizeof(groups[0]), groups) != 0) {
DLOG(ERROR) << "FAILED TO setgroups() CHILD PROCESS, path: " << argv_cstr[0];
_exit(127);
}
}
#endif
if (setgid(gid) != 0) {
DLOG(ERROR) << "FAILED TO setgid() CHILD PROCESS, path: " << argv_cstr[0];
_exit(127);
}
if (setuid(uid) != 0) {
DLOG(ERROR) << "FAILED TO setuid() CHILD PROCESS, path: " << argv_cstr[0];
_exit(127);
}
if (chdir("/") != 0)
gProcessLog.print("==> could not chdir()\n");
}
SetCurrentProcessPrivileges(privs);
#ifdef HAVE_PR_DUPLICATE_ENVIRONMENT
execve(argv_cstr[0], argv_cstr.get(), envp);
@ -323,6 +266,69 @@ bool LaunchApp(const CommandLine& cl,
return LaunchApp(cl.argv(), no_files, wait, process_handle);
}
void SetCurrentProcessPrivileges(ChildPrivileges privs) {
if (privs == PRIVILEGES_INHERIT) {
return;
}
gid_t gid = CHILD_UNPRIVILEGED_GID;
uid_t uid = CHILD_UNPRIVILEGED_UID;
#ifdef MOZ_WIDGET_GONK
{
static bool checked_pix_max, pix_max_ok;
if (!checked_pix_max) {
checked_pix_max = true;
int fd = open("/proc/sys/kernel/pid_max", O_CLOEXEC | O_RDONLY);
if (fd < 0) {
DLOG(ERROR) << "Failed to open pid_max";
_exit(127);
}
char buf[PATH_MAX];
ssize_t len = read(fd, buf, sizeof(buf) - 1);
close(fd);
if (len < 0) {
DLOG(ERROR) << "Failed to read pid_max";
_exit(127);
}
buf[len] = '\0';
int pid_max = atoi(buf);
pix_max_ok =
(pid_max + CHILD_UNPRIVILEGED_UID > CHILD_UNPRIVILEGED_UID);
}
if (!pix_max_ok) {
DLOG(ERROR) << "Can't safely get unique uid/gid";
_exit(127);
}
gid += getpid();
uid += getpid();
}
if (privs == PRIVILEGES_CAMERA) {
gid_t groups[] = { AID_AUDIO, AID_CAMERA, AID_SDCARD_RW };
if (setgroups(sizeof(groups) / sizeof(groups[0]), groups) != 0) {
DLOG(ERROR) << "FAILED TO setgroups() CHILD PROCESS";
_exit(127);
}
}
else if (privs == PRIVILEGES_VIDEO) {
gid_t groups[] = { AID_AUDIO, AID_MEDIA };
if (setgroups(sizeof(groups) / sizeof(groups[0]), groups) != 0) {
DLOG(ERROR) << "FAILED TO setgroups() CHILD PROCESS";
_exit(127);
}
}
#endif
if (setgid(gid) != 0) {
DLOG(ERROR) << "FAILED TO setgid() CHILD PROCESS";
_exit(127);
}
if (setuid(uid) != 0) {
DLOG(ERROR) << "FAILED TO setuid() CHILD PROCESS";
_exit(127);
}
if (chdir("/") != 0)
gProcessLog.print("==> could not chdir()\n");
}
NamedProcessIterator::NamedProcessIterator(const std::wstring& executable_name,
const ProcessFilter* filter)
: executable_name_(executable_name), filter_(filter) {

4
ipc/chromium/src/base/process_util_mac.mm
View File

@ -188,6 +188,10 @@ bool LaunchApp(const CommandLine& cl,
return LaunchApp(cl.argv(), no_files, wait, process_handle);
}
void SetCurrentProcessPrivileges(ChildPrivileges privs) {
}
NamedProcessIterator::NamedProcessIterator(const std::wstring& executable_name,
const ProcessFilter* filter)
: executable_name_(executable_name),

4
ipc/chromium/src/base/process_util_win.cc
View File

@ -337,6 +337,10 @@ bool WaitForExitCode(ProcessHandle handle, int* exit_code) {
return true;
}
void SetCurrentProcessPrivileges(ChildPrivileges privs) {
}
NamedProcessIterator::NamedProcessIterator(const std::wstring& executable_name,
const ProcessFilter* filter)
: started_iteration_(false),