diff options
author | SUZUKI, Shinsuke <suz@kame.net> | 2007-02-27 14:47:11 +0000 |
---|---|---|
committer | Bjørn Mork <bjorn@mork.no> | 2010-08-06 15:37:36 +0200 |
commit | fc15adcff189d5fb96a9802307f8b82866e12ac7 (patch) | |
tree | 9795f2174138334f799ac987c2545791f98589c2 /common.c | |
parent | fe2c74572f875332b461ba2a17a594a7ee4eb2d3 (diff) |
supported script execution for dhcp6relay (contributed by Bruno STEVANT)
Diffstat (limited to 'common.c')
-rw-r--r-- | common.c | 40 |
1 files changed, 40 insertions, 0 deletions
@@ -32,6 +32,7 @@ #include <sys/socket.h> #include <sys/ioctl.h> #include <sys/queue.h> +#include <sys/stat.h> #if TIME_WITH_SYS_TIME # include <sys/time.h> # include <time.h> @@ -3339,3 +3340,42 @@ ifaddrconf(cmd, ifname, addr, plen, pltime, vltime) close(s); return (0); } + +int +safefile(path) + const char *path; +{ + struct stat s; + uid_t myuid; + + /* no setuid */ + if (getuid() != geteuid()) { + dprintf(LOG_NOTICE, FNAME, + "setuid'ed execution not allowed"); + return (-1); + } + + if (lstat(path, &s) != 0) { + dprintf(LOG_NOTICE, FNAME, "lstat failed: %s", + strerror(errno)); + return (-1); + } + + /* the file must be owned by the running uid */ + myuid = getuid(); + if (s.st_uid != myuid) { + dprintf(LOG_NOTICE, FNAME, "%s has invalid owner uid", path); + return (-1); + } + + switch (s.st_mode & S_IFMT) { + case S_IFREG: + break; + default: + dprintf(LOG_NOTICE, FNAME, "%s is an invalid file type 0x%o", + path, (s.st_mode & S_IFMT)); + return (-1); + } + + return (0); +} |