diff options
author | Fumitoshi UKAI <ukai@debian.or.jp> | 2002-11-06 03:50:48 +0000 |
---|---|---|
committer | Fumitoshi UKAI <ukai@debian.or.jp> | 2002-11-06 03:50:48 +0000 |
commit | eee9736e27aae251515c194190301dcc50055c57 (patch) | |
tree | a0fe2a795b130d355f4b4ff74a8e0a94e01ef1fd /w3mimg | |
parent | [w3m-dev 03377] sync_with_option (diff) | |
download | w3m-eee9736e27aae251515c194190301dcc50055c57.tar.gz w3m-eee9736e27aae251515c194190301dcc50055c57.zip |
[w3m-dev 03379] setuid w3mimgdisplay and check console tty
* XMakefile: w3mimgdisplay install by INSTALL_W3MIMGDISPLAY
* configure: ask setuid w3mimgdisplay
(w3mimgdisplay_setuid): added
(INSTALL_W3MIMGDISPLAY): added
* etc.c (mySystem): close until FOPEN_MAX
* image.c (openImgdisplay): setenv W3M_TTY
stderr to /dev/null
close until FOPEN_MAX
* install-sh: -o, -g for owner, group
* proto.h (ttyname_tty): added
* search.c (open_migemo): stderr to /dev/null
close until FOPEN_MAX
* terms.c (ttyname_tty): added
* w3mimgdisplay.c: include <sys/types.h>, <unistd.h>
W3MIMGDISPLAY_SETUID
stderr to /dev/null
* w3mimg/w3mimg.c: include <sys/types.h>, <unistd.h>
W3MIMGDISPLAY_SETUID
* w3mimg/fb/fb_w3mimg.c (check_tty_console): added
From: Fumitoshi UKAI <ukai@debian.or.jp>
Diffstat (limited to '')
-rw-r--r-- | w3mimg/fb/fb_w3mimg.c | 29 | ||||
-rw-r--r-- | w3mimg/w3mimg.c | 16 | ||||
-rw-r--r-- | w3mimgdisplay.c | 23 |
3 files changed, 64 insertions, 4 deletions
diff --git a/w3mimg/fb/fb_w3mimg.c b/w3mimg/fb/fb_w3mimg.c index 2733624..6734463 100644 --- a/w3mimg/fb/fb_w3mimg.c +++ b/w3mimg/fb/fb_w3mimg.c @@ -1,8 +1,12 @@ -/* $Id: fb_w3mimg.c,v 1.5 2002/10/31 09:36:22 ukai Exp $ */ +/* $Id: fb_w3mimg.c,v 1.6 2002/11/06 03:50:49 ukai Exp $ */ #include <stdio.h> #include <stdlib.h> #include <ctype.h> #include <string.h> +#include <unistd.h> +#include <sys/types.h> +#include <sys/stat.h> +#include <fcntl.h> #include "w3mimg/fb/fb.h" #include "w3mimg/fb/fb_img.h" @@ -128,6 +132,24 @@ w3mfb_get_image_size(w3mimg_op * self, W3MImage * img, return 1; } +#ifdef W3MIMGDISPLAY_SETUID +static int +check_tty_console(char *tty) +{ + if (tty == NULL || *tty == '\0') + return 0; + if (strncmp(tty, "/dev/", 5) == 0) + tty += 5; + if (strncmp(tty, "tty", 3) == 0 && isdigit(*(tty+3))) + return 1; + if (strncmp(tty, "vc/", 3) == 0 && isdigit(*(tty+3))) + return 1; + return 0; +} +#else +#define check_tty_console(tty) 1 +#endif + w3mimg_op * w3mimg_fbopen() { @@ -137,6 +159,11 @@ w3mimg_fbopen() return NULL; memset(wop, 0, sizeof(w3mimg_op)); + if (! check_tty_console(getenv("W3M_TTY"))) { + fprintf(stderr, "w3mimgdisplay/fb: tty is not console\n"); + goto error; + } + if (fb_open()) goto error; diff --git a/w3mimg/w3mimg.c b/w3mimg/w3mimg.c index ebbd618..144a2d9 100644 --- a/w3mimg/w3mimg.c +++ b/w3mimg/w3mimg.c @@ -1,18 +1,32 @@ -/* $Id: w3mimg.c,v 1.4 2002/07/19 03:25:56 ukai Exp $ */ +/* $Id: w3mimg.c,v 1.5 2002/11/06 03:50:49 ukai Exp $ */ #include <stdio.h> #include <stdlib.h> +#include <sys/types.h> +#include <unistd.h> #include "w3mimg/w3mimg.h" w3mimg_op * w3mimg_open() { w3mimg_op *w_op = NULL; +#ifdef W3MIMGDISPLAY_SETUID + uid_t runner_uid = getuid(); + uid_t owner_uid = geteuid(); +#endif #ifdef USE_W3MIMG_X11 +#ifdef W3MIMGDISPLAY_SETUID + /* run in user privileges */ + setreuid(owner_uid, runner_uid); +#endif if (w_op == NULL) w_op = w3mimg_x11open(); +#ifdef W3MIMGDISPLAY_SETUID + setreuid(runner_uid, owner_uid); +#endif #endif #ifdef USE_W3MIMG_FB + /* run in setuid privileges */ if (w_op == NULL) w_op = w3mimg_fbopen(); #endif diff --git a/w3mimgdisplay.c b/w3mimgdisplay.c index a51a9ef..8df2e5c 100644 --- a/w3mimgdisplay.c +++ b/w3mimgdisplay.c @@ -1,8 +1,10 @@ -/* $Id: w3mimgdisplay.c,v 1.8 2002/10/31 09:36:22 ukai Exp $ */ +/* $Id: w3mimgdisplay.c,v 1.9 2002/11/06 03:50:49 ukai Exp $ */ #include <stdio.h> #include <stdlib.h> #include <ctype.h> #include <string.h> +#include <sys/types.h> +#include <unistd.h> #include "config.h" #include "w3mimg/w3mimg.h" @@ -25,12 +27,29 @@ main(int argc, char **argv) { int len; char buf[1024 + 128]; +#ifdef W3MIMGDISPLAY_SETUID + uid_t runner_uid = getuid(); + uid_t owner_uid = geteuid(); + /* swap real and effective */ + setreuid(owner_uid, runner_uid); +#endif GetOption(argc, argv); if (!defined_debug) - fclose(stderr); + freopen("/dev/null", "w", stderr); +#ifdef W3MIMGDISPLAY_SETUID + /* + * back real and effective + * run w3mimg_open() in setuid privileges + */ + setreuid(runner_uid, owner_uid); +#endif w_op = w3mimg_open(); +#ifdef W3MIMGDISPLAY_SETUID + /* make sure drop privileges now */ + setreuid(runner_uid, runner_uid); +#endif if (w_op == NULL) exit(1); if (defined_x) |