-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This patch looks good to me. acked. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk5WtHYACgkQrlYvE4MpobOgxQCgz2wAYFjklfAhWcoBR0CNKW8J l9gAoNSI8HWYLGmGJOY86NI94fCTkp9g =4IqL -----END PGP SIGNATURE-----
>From 294a82a5ca92f0b1fc986f974c0870f91508674f Mon Sep 17 00:00:00 2001
From: Eric Paris <eparis@xxxxxxxxxx>
Date: Fri, 5 Aug 2011 13:33:35 -0400
Subject: [PATCH 56/77] policycoreutils: sandbox: split seunshare caps dropping
Split drop_capabilities into drop_privs, which does the same thing, and drop_caps, which only drops caps but doesn't affect the uid.
Signed-off-by: Eric Paris <eparis@xxxxxxxxxx>
---
 policycoreutils/sandbox/seunshare.c | 31 +++++++++++++++++++------------
 1 files changed, 19 insertions(+), 12 deletions(-)
diff --git a/policycoreutils/sandbox/seunshare.c b/policycoreutils/sandbox/seunshare.c
index 1429244..aa9d93d 100644
--- a/policycoreutils/sandbox/seunshare.c
+++ b/policycoreutils/sandbox/seunshare.c
@@ -56,21 +56,30 @@ static int verbose = 0;
 /**
- * This function will drop all capabilities
- * Returns zero on success, non-zero otherwise
+ * This function will drop all capabilities.
 */
-static int drop_capabilities(uid_t uid)
+static int drop_caps()
 {
+ if (capng_have_capabilities(CAPNG_SELECT_BOTH) == CAPNG_NONE)
+ return 0;
 capng_clear(CAPNG_SELECT_BOTH);
-
- if (capng_lock() < 0)
+ if (capng_lock() == -1 || capng_apply(CAPNG_SELECT_BOTH) == -1) {
+ fprintf(stderr, _("Failed to drop all capabilities\n"));
 return -1;
- /* Change uid */
- if (setresuid(uid, uid, uid)) {
- fprintf(stderr, _("Error changing uid, aborting.\n"));
+ }
+ return 0;
+}
+
+/**
+ * This function will drop all privileges.
+ */
+static int drop_privs(uid_t uid)
+{
+ if (drop_caps() == -1 || setresuid(uid, uid, uid) == -1) {
+ fprintf(stderr, _("Failed to drop privileges\n"));
 return -1;
 }
- return capng_apply(CAPNG_SELECT_BOTH);
+ return 0;
 }
 /**
@@ -491,10 +500,8 @@ int main(int argc, char **argv) {
 return -1;
 }
- if (drop_capabilities(uid)) {
- perror(_("Failed to drop all capabilities"));
+ if (drop_privs(uid))
 return -1;
- }
 int child = fork();
 if (child == -1) {
--
1.7.6
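Review bot: drop_privs no longer performs the steps in the old order: capng_apply() now runs inside drop_caps() before setresuid(), whereas drop_capabilities applied the cleared set only after the uid change. setresuid() is therefore called with CAP_SETUID already gone and can succeed only if uid is one of the process's current real, effective or saved uids; main's assignment of uid is outside this hunk, so that precondition should be confirmed and written down, e.g. `/* caps are already dropped here: uid must be the caller's real, effective or saved uid */`. The result is checked, so a mismatch fails closed rather than leaving root in place. The doc comments also lost their return contract; ` * Returns zero on success, -1 otherwise.` belongs on both functions, and `drop_caps()` should be declared `drop_caps(void)` so it has a prototype.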
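Review bot: Dropping the perror() call here leaves no place where errno is reported when the privilege drop fails, since drop_privs in the first hunk prints one fixed string for both the capability and the setresuid() failure. Testing the two steps separately in drop_privs and reporting the second with `perror(_("Failed to change uid"))` would keep the reason visible to whoever debugs a failed sandbox start. main begins and ends outside this hunk.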