File indexing completed on 2024-05-05 03:54:29
0001 /* vi: ts=8 sts=4 sw=4 0002 * 0003 This file is part of the KDE project, module kdesu. 0004 SPDX-FileCopyrightText: 1999, 2000 Geert Jansen <g.t.jansen@stud.tue.nl> 0005 0006 secure.cpp: Peer credentials for a UNIX socket. 0007 */ 0008 0009 #include "secure.h" 0010 0011 #include <config-kdesud.h> 0012 #include <ksud_debug.h> 0013 0014 #include <cerrno> 0015 #include <fcntl.h> 0016 #include <stdio.h> 0017 #include <string.h> 0018 #include <unistd.h> 0019 0020 #include <sys/stat.h> 0021 0022 // FIXME: This is just here to make it compile (since ksock* was removed from kdelibs). 0023 // It would be better to fix it more globally. (Caleb Tennis) 0024 typedef unsigned ksocklen_t; 0025 0026 /** 0027 * Under Linux, Socket_security is supported. 0028 */ 0029 0030 #if HAVE_GETPEEREID 0031 0032 SocketSecurity::SocketSecurity(int sockfd) 0033 : pid(-1) 0034 , gid(-1) 0035 , uid(-1) 0036 { 0037 uid_t euid; 0038 gid_t egid; 0039 if (getpeereid(sockfd, &euid, &egid) == 0) { 0040 uid = euid; 0041 gid = egid; 0042 pid = -1; 0043 } 0044 } 0045 0046 #elif HAVE_GETPEERUCRED 0047 0048 #include <ucred.h> 0049 0050 SocketSecurity::SocketSecurity(int sockfd) 0051 : pid(-1) 0052 , gid(-1) 0053 , uid(-1) 0054 { 0055 ucred_t *ucred = 0; 0056 0057 if (getpeerucred(sockfd, &ucred) == 0) { 0058 uid = ucred_geteuid(ucred); 0059 gid = ucred_getrgid(ucred); 0060 pid = -1; 0061 ucred_free(ucred); 0062 } 0063 } 0064 0065 #elif defined(SO_PEERCRED) 0066 0067 SocketSecurity::SocketSecurity(int sockfd) 0068 : pid(-1) 0069 , gid(-1) 0070 , uid(-1) 0071 { 0072 ucred cred; 0073 ksocklen_t len = sizeof(struct ucred); 0074 if (getsockopt(sockfd, SOL_SOCKET, SO_PEERCRED, &cred, &len) < 0) { 0075 qCCritical(KSUD_LOG) << "getsockopt(SO_PEERCRED) " << strerror(errno); 0076 return; 0077 } 0078 pid = cred.pid; 0079 gid = cred.gid; 0080 uid = cred.uid; 0081 } 0082 0083 #else 0084 #ifdef __GNUC__ 0085 #warning SocketSecurity support for your platform not implemented/available! 0086 #endif 0087 /** 0088 * The default version does nothing. 0089 */ 0090 0091 SocketSecurity::SocketSecurity(int sockfd) 0092 : pid(-1) 0093 , gid(-1) 0094 , uid(-1) 0095 { 0096 static bool warned_him = false; 0097 0098 if (!warned_him) { 0099 qCWarning(KSUD_LOG) << "Using void socket security. Please add support for your"; 0100 qCWarning(KSUD_LOG) << "platform to src/kdesud/secure.cpp"; 0101 warned_him = true; 0102 } 0103 0104 // This passes the test made in handler.cpp 0105 uid = getuid(); 0106 } 0107 0108 #endif