diff options
author | russell <russell@f38db490-d61c-443f-a65b-d21fe96a405b> | 2008-01-11 18:25:30 +0000 |
---|---|---|
committer | russell <russell@f38db490-d61c-443f-a65b-d21fe96a405b> | 2008-01-11 18:25:30 +0000 |
commit | 8b01bd8a31691c5f0a2f551e1c8007bd6d795669 (patch) | |
tree | 440bdc36b356106b0372ed724ee4167773adc129 /main/asterisk.c | |
parent | 6c4e7a6dd6ac88cd55a35f274b7ad634397e86c8 (diff) |
Backport the ability to set the ToS bits on Linux when not running as root.
Normally, we would not backport features into 1.4, but, I was convinced by the
justification supplied by the supplier of this patch. He pointed out that this
patch removes a requirement for running as root, thus reducing the potential
impacts of security issues.
(closes issue #11742)
Reported by: paravoid
Patches:
libcap.diff uploaded by paravoid (license 200)
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@98265 f38db490-d61c-443f-a65b-d21fe96a405b
Diffstat (limited to 'main/asterisk.c')
-rw-r--r-- | main/asterisk.c | 31 |
1 files changed, 26 insertions, 5 deletions
diff --git a/main/asterisk.c b/main/asterisk.c index 0aff65e0a..4906e7b5f 100644 --- a/main/asterisk.c +++ b/main/asterisk.c @@ -82,13 +82,12 @@ ASTERISK_FILE_VERSION(__FILE__, "$Revision$") #include <sys/stat.h> #ifdef linux #include <sys/prctl.h> -#endif +#ifdef HAVE_CAP +#include <sys/capability.h> +#endif /* HAVE_CAP */ +#endif /* linux */ #include <regex.h> -#ifdef linux -#include <sys/prctl.h> -#endif - #if defined(__FreeBSD__) || defined( __NetBSD__ ) || defined(SOLARIS) #include <netdb.h> #if defined(SOLARIS) @@ -2734,12 +2733,21 @@ int main(int argc, char *argv[]) } if (runuser && !ast_test_flag(&ast_options, AST_OPT_FLAG_REMOTE)) { +#ifdef HAVE_CAP + int has_cap = 1; +#endif /* HAVE_CAP */ struct passwd *pw; pw = getpwnam(runuser); if (!pw) { ast_log(LOG_WARNING, "No such user '%s'!\n", runuser); exit(1); } +#ifdef HAVE_CAP + if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0)) { + ast_log(LOG_WARNING, "Unable to keep capabilities.\n"); + has_cap = 0; + } +#endif /* HAVE_CAP */ if (!isroot && pw->pw_uid != geteuid()) { ast_log(LOG_ERROR, "Asterisk started as nonroot, but runuser '%s' requested.\n", runuser); exit(1); @@ -2760,6 +2768,19 @@ int main(int argc, char *argv[]) } if (option_verbose) ast_verbose("Running as user '%s'\n", runuser); +#ifdef HAVE_CAP + if (has_cap) { + cap_t cap; + + cap = cap_from_text("cap_net_admin=ep"); + + if (cap_set_proc(cap)) + ast_log(LOG_WARNING, "Unable to install capabilities.\n"); + + if (cap_free(cap)) + ast_log(LOG_WARNING, "Unable to drop capabilities.\n"); + } +#endif /* HAVE_CAP */ } #endif /* __CYGWIN__ */ |