summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authordimitri staessens <[email protected]>2016-07-03 16:20:56 +0200
committerdimitri staessens <[email protected]>2016-07-03 16:26:32 +0200
commit8cb2f2fe999476b55358e3cfbdcbcbb3cf75f2cb (patch)
treed1333083d2d2302b3159b91ec3f204ccbd95f8bc
parent597456c934bf0f9ec475ac89eaaf67e9a0c58c0e (diff)
downloadouroboros-8cb2f2fe999476b55358e3cfbdcbcbb3cf75f2cb.tar.gz
ouroboros-8cb2f2fe999476b55358e3cfbdcbcbb3cf75f2cb.zip
tools, irm: move binary check to library
This will make the library check if the user has permissions to execute the binary when auto is set. This prevents writing malicious software that would use the irmd to execute other applications to which the user has no access.
-rw-r--r--src/lib/irm.c8
-rw-r--r--src/tools/irm/irm_bind.c16
2 files changed, 17 insertions, 7 deletions
diff --git a/src/lib/irm.c b/src/lib/irm.c
index 6b296258..93963eb1 100644
--- a/src/lib/irm.c
+++ b/src/lib/irm.c
@@ -29,6 +29,7 @@
#include <ouroboros/sockets.h>
#include <stdlib.h>
+#include <sys/stat.h>
pid_t irm_create_ipcp(char * name,
enum ipcp_type ipcp_type)
@@ -246,10 +247,17 @@ int irm_bind(char * name,
irm_msg_t msg = IRM_MSG__INIT;
irm_msg_t * recv_msg = NULL;
int ret = -1;
+ struct stat s;
if (name == NULL || ap_name == NULL)
return -EINVAL;
+ if (stat(ap_name, &s) != 0)
+ return -ENOENT;
+
+ if (!(s.st_mode & S_IXUSR))
+ return -EPERM;
+
msg.code = IRM_MSG_CODE__IRM_BIND;
msg.dst_name = name;
msg.ap_name = ap_name;
diff --git a/src/tools/irm/irm_bind.c b/src/tools/irm/irm_bind.c
index 92ebdd8a..45da6e4c 100644
--- a/src/tools/irm/irm_bind.c
+++ b/src/tools/irm/irm_bind.c
@@ -22,7 +22,7 @@
#include <stdio.h>
#include <string.h>
-#include <sys/stat.h>
+#include <errno.h>
#include <ouroboros/irm.h>
@@ -45,7 +45,7 @@ int do_bind(int argc, char ** argv)
char * name = NULL;
char * ap_name = NULL;
uint16_t flags = 0;
- struct stat s;
+ int ret = 0;
while (argc > 0) {
if (matches(*argv, "name") == 0) {
@@ -79,15 +79,17 @@ int do_bind(int argc, char ** argv)
return -1;
}
- if (stat(ap_name, &s) != 0) {
- printf("Application %s does not exist.\n", ap_name);
+ ret = irm_bind(name, ap_name, flags, argc, argv);
+ if (ret == -ENOENT) {
+ printf("%s does not exist.\n", ap_name);
return -1;
}
- if (!(s.st_mode & S_IXUSR)) {
- printf("Application %s is not executable.\n", ap_name);
+ if (ret == -EPERM) {
+ printf("Cannot execute %s, please check permissions.\n",
+ ap_name);
return -1;
}
- return irm_bind(name, ap_name, flags, argc, argv);
+ return ret;
}