Re: [PATCH 1/2, 2nd attempt] modules/lookup_program.c: Use seuid(USER) for map program

On Wed, 2013-01-30 at 13:41 +0100, Martin Wilck wrote:
> Let the map program run under the UID of the calling user.
> This enables the map program e.g. to access user credentials
> for obtaining a map.

I've been meaning to do something like this for ages.

> ---
>  modules/lookup_program.c | 8 ++++++++
>  1 file changed, 8 insertions(+)
> 
> diff --git a/modules/lookup_program.c b/modules/lookup_program.c
> index 2457108..68700ce 100644
> --- a/modules/lookup_program.c
> +++ b/modules/lookup_program.c
> @@ -244,6 +244,7 @@ int lookup_mount(struct autofs_point *ap, const char *name, int name_len, void *
>  		close(epipefd[1]);
>  		goto out_free;
>  	} else if (f == 0) {
> +		struct thread_stdenv_vars *tsv;
>  		reset_signals();
>  		close(pipefd[0]);
>  		close(epipefd[0]);
> @@ -255,6 +256,13 @@ int lookup_mount(struct autofs_point *ap, const char *name, int name_len, void *
>  			warn(ap->logopt,
>  			     MODPREFIX "failed to set PWD to %s for map %s",
>  			     ap->path, ctxt->mapname);
> +		tsv = pthread_getspecific(key_thread_stdenv_vars);
> +		if (tsv && tsv->uid != 0)  {
> +			/* Must use setuid() here because invoking bash will
> +			 * set euid = ruid otherwise
> +			 */
> +			setuid(tsv->uid);
> +		}

One thing that concerned me about doing this is breaking people's program
maps that assume privilege they previously had. OTOH, setting the uid to
the caller is definitely what should be done, IMHO.

The other thing that comes to mind is that it would be better to set the
same environment that non-program maps have, such as $HOME, $UID, etc.
for the values in the thread specific key, but that's a bit more work.
For non-program maps these values are added to the macro variables table
so they can be accessed within the map entry but for program maps the
environment variables need to be set instead, actually like your first
revision.

>  		execl(ctxt->mapname, ctxt->mapname, name, NULL);
>  		_exit(255);	/* execl() failed */
>  	}
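
Review bot: The return value of setuid(tsv->uid) in the added block is ignored, so if the call fails the child falls through to execl() and the map program still runs with the privileges the uid change was meant to remove; check the result and _exit() on failure rather than continuing. The block also changes only the uid: the group ID and supplementary groups stay whatever the forking process had, so the map program keeps that group access after the switch. If the caller's gid is available alongside tsv->uid, clear the supplementary groups and set the gid before calling setuid(), because those calls are no longer permitted once the uid has been dropped.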

