Problem in create_runfie() fixed. New function paranoia_check() implemented.
This commit is contained in:
parent
dfd414adc2
commit
c24ebe0be5
|
@ -34,7 +34,7 @@ config:
|
|||
@echo '#include "../scripts/autoconf.h"' >> policy.h
|
||||
@echo '#define I4LCONFDIR CONFIG_I4LCONFDIR' >> policy.h
|
||||
@echo '#define CONFFILE CONFIG_CONFFILE' >> policy.h
|
||||
# @echo '#define CALLERIDFILE CONFIG_CALLERIDFILE' >> policy.h
|
||||
@echo '#define CALLERIDFILE CONFIG_CALLERIDFILE' >> policy.h
|
||||
@echo '#define USERCONFFILE CONFIG_USERCONFFILE' >> policy.h
|
||||
@echo '#define RUNDIR CONFIG_RUNDIR' >> policy.h
|
||||
@echo '#define S_COUNTRY_PRFIX CONFIG_COUNTRY_PREFIX' >> policy.h
|
||||
|
|
|
@ -210,3 +210,20 @@ Im Fehlerfalle wird -1 geliefert.
|
|||
|
||||
-----------------------------------------------------------------------------
|
||||
|
||||
Funktion:
|
||||
|
||||
int paranoia_check(char *cmd)
|
||||
|
||||
Prueft, ob das auszufuehrende Programm die User-ID 0 (root) hat, und prueft
|
||||
dann, ob das Programm "cmd"
|
||||
- auch vom owner root ist
|
||||
- nur schreibberechtigung fuer root besitzt.
|
||||
|
||||
cmd: Beinhaltet einen Datenamen
|
||||
|
||||
Rueckgabewert:
|
||||
0, wenn die Bedingungen eingehalten wurden,
|
||||
Ansonsten -1.
|
||||
|
||||
-----------------------------------------------------------------------------
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $Id: isdntools.c,v 1.2 1997/03/03 22:05:39 luethje Exp $
|
||||
/* $Id: isdntools.c,v 1.3 1997/03/06 20:36:34 luethje Exp $
|
||||
*
|
||||
* ISDN accounting for isdn4linux. (Utilities)
|
||||
*
|
||||
|
@ -19,6 +19,9 @@
|
|||
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
||||
*
|
||||
* $Log: isdntools.c,v $
|
||||
* Revision 1.3 1997/03/06 20:36:34 luethje
|
||||
* Problem in create_runfie() fixed. New function paranoia_check() implemented.
|
||||
*
|
||||
* Revision 1.2 1997/03/03 22:05:39 luethje
|
||||
* merging of the current version and my tree
|
||||
*
|
||||
|
@ -82,6 +85,7 @@
|
|||
#include <sys/stat.h>
|
||||
#include <signal.h>
|
||||
#include <unistd.h>
|
||||
#include <fcntl.h>
|
||||
|
||||
#include "libisdn.h"
|
||||
|
||||
|
@ -318,6 +322,7 @@ int create_runfile(const char *progname)
|
|||
char runfile[PATH_MAX];
|
||||
char string[SHORT_STRING_SIZE];
|
||||
int RetCode = -1;
|
||||
int fd = -1;
|
||||
FILE *fp;
|
||||
|
||||
if (progname == NULL)
|
||||
|
@ -326,16 +331,19 @@ int create_runfile(const char *progname)
|
|||
Ptr = strrchr(progname,C_SLASH);
|
||||
sprintf(runfile,"%s%c%s.pid",RUNDIR,C_SLASH,Ptr?Ptr+1:progname);
|
||||
|
||||
if (access(runfile,W_OK) != 0 && errno == ENOENT)
|
||||
if ((fd = open(runfile, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC, 0644)) >= 0)
|
||||
{
|
||||
if ((fp = fopen(runfile, "w")) == NULL)
|
||||
return -1;
|
||||
sprintf(string, "%10d\n", (int)getpid());
|
||||
|
||||
fprintf(fp, "%d\n", (int)getpid());
|
||||
fclose(fp);
|
||||
chmod(runfile, 0644);
|
||||
|
||||
RetCode = 0;
|
||||
if (write(fd, string, strlen(string)) != strlen(string) )
|
||||
{
|
||||
print_msg("Can not write to PID file `%s'!\n", runfile);
|
||||
RetCode = -1;
|
||||
}
|
||||
else
|
||||
RetCode = 0;
|
||||
|
||||
close(fd);
|
||||
}
|
||||
else
|
||||
{
|
||||
|
@ -696,3 +704,34 @@ int read_conffiles(section **Section, char *groupfile)
|
|||
|
||||
/****************************************************************************/
|
||||
|
||||
int paranoia_check(char *cmd)
|
||||
{
|
||||
struct stat stbuf;
|
||||
|
||||
|
||||
if (getuid() == 0)
|
||||
{
|
||||
if (stat(cmd, &stbuf))
|
||||
{
|
||||
print_msg("stat() failed for file `%s', stay on the safe side!\n", cmd);
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (stbuf.st_uid != 0)
|
||||
{
|
||||
print_msg("Owner of file `%s' is not root!\n", cmd);
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (stbuf.st_mode & (S_IWGRP | S_IWOTH))
|
||||
{
|
||||
print_msg("File `%s' is writable by group or world!\n", cmd);
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
/****************************************************************************/
|
||||
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
|
||||
/* $Id: libisdn.h,v 1.2 1997/03/03 22:05:41 luethje Exp $
|
||||
/* $Id: libisdn.h,v 1.3 1997/03/06 20:36:35 luethje Exp $
|
||||
*
|
||||
* ISDN accounting for isdn4linux.
|
||||
*
|
||||
|
@ -134,6 +134,7 @@ _EXTERN int delete_runfile(const char* progname);
|
|||
_EXTERN int Set_Codes(section* Section);
|
||||
_EXTERN char *get_areacode(char *code, int *Len, int flag);
|
||||
_EXTERN int read_conffiles(section **Section, char *groupfile);
|
||||
_EXTERN int paranoia_check(char *cmd);
|
||||
|
||||
#undef SET_NULL
|
||||
#undef _EXTERN
|
||||
|
|
Loading…
Reference in New Issue