diff options
| author | Denis Vlasenko <vda.linux@googlemail.com> | 2008-03-20 15:12:58 +0000 |
|---|---|---|
| committer | Denis Vlasenko <vda.linux@googlemail.com> | 2008-03-20 15:12:58 +0000 |
| commit | 9230582315a15dd7b95de9f03c48024858ec935d (patch) | |
| tree | 5495a94e29baa12c71e33fa8d049131fe572f881 | |
| parent | c52248e41ce50bd3fa684d19b2bce4320267dc44 (diff) | |
| download | busybox-w32-9230582315a15dd7b95de9f03c48024858ec935d.tar.gz busybox-w32-9230582315a15dd7b95de9f03c48024858ec935d.tar.bz2 busybox-w32-9230582315a15dd7b95de9f03c48024858ec935d.zip | |
inetd: use change_identity().
libbb: shrink our internal initgroups().
httpd: remove stray 'else' and 'index_page = "index.html"'
function old new delta
httpd_main 750 743 -7
inetd_main 2033 2011 -22
bb_internal_initgroups 251 228 -23
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/3 up/down: 0/-52) Total: -52 bytes
| -rw-r--r-- | libbb/change_identity.c | 2 | ||||
| -rw-r--r-- | libpwdgrp/pwd_grp.c | 27 | ||||
| -rw-r--r-- | networking/httpd.c | 6 | ||||
| -rw-r--r-- | networking/inetd.c | 13 |
4 files changed, 18 insertions, 30 deletions
diff --git a/libbb/change_identity.c b/libbb/change_identity.c index f19aa8aaa..da840bfb3 100644 --- a/libbb/change_identity.c +++ b/libbb/change_identity.c | |||
| @@ -35,7 +35,7 @@ void change_identity(const struct passwd *pw) | |||
| 35 | { | 35 | { |
| 36 | if (initgroups(pw->pw_name, pw->pw_gid) == -1) | 36 | if (initgroups(pw->pw_name, pw->pw_gid) == -1) |
| 37 | bb_perror_msg_and_die("can't set groups"); | 37 | bb_perror_msg_and_die("can't set groups"); |
| 38 | endgrent(); /* ?? */ | 38 | endgrent(); /* helps to close a fd used internally by libc */ |
| 39 | xsetgid(pw->pw_gid); | 39 | xsetgid(pw->pw_gid); |
| 40 | xsetuid(pw->pw_uid); | 40 | xsetuid(pw->pw_uid); |
| 41 | } | 41 | } |
diff --git a/libpwdgrp/pwd_grp.c b/libpwdgrp/pwd_grp.c index 7e7ff4810..3fe70f40c 100644 --- a/libpwdgrp/pwd_grp.c +++ b/libpwdgrp/pwd_grp.c | |||
| @@ -630,12 +630,11 @@ int initgroups(const char *user, gid_t gid) | |||
| 630 | char buff[PWD_BUFFER_SIZE]; | 630 | char buff[PWD_BUFFER_SIZE]; |
| 631 | 631 | ||
| 632 | rv = -1; | 632 | rv = -1; |
| 633 | grfile = fopen(_PATH_GROUP, "r"); | ||
| 634 | if (grfile != NULL) { | ||
| 633 | 635 | ||
| 634 | /* We alloc space for 8 gids at a time. */ | 636 | /* We alloc space for 8 gids at a time. */ |
| 635 | group_list = (gid_t *) malloc(8*sizeof(gid_t *)); | 637 | group_list = xmalloc(8 * sizeof(gid_t *)); |
| 636 | if (group_list | ||
| 637 | && ((grfile = fopen(_PATH_GROUP, "r")) != NULL) | ||
| 638 | ) { | ||
| 639 | *group_list = gid; | 638 | *group_list = gid; |
| 640 | num_groups = 1; | 639 | num_groups = 1; |
| 641 | 640 | ||
| @@ -645,13 +644,8 @@ int initgroups(const char *user, gid_t gid) | |||
| 645 | for (m = group.gr_mem; *m; m++) { | 644 | for (m = group.gr_mem; *m; m++) { |
| 646 | if (!strcmp(*m, user)) { | 645 | if (!strcmp(*m, user)) { |
| 647 | if (!(num_groups & 7)) { | 646 | if (!(num_groups & 7)) { |
| 648 | gid_t *tmp = (gid_t *) | 647 | gid_t *tmp = xrealloc(group_list, |
| 649 | realloc(group_list, | 648 | (num_groups+8) * sizeof(gid_t *)); |
| 650 | (num_groups+8) * sizeof(gid_t *)); | ||
| 651 | if (!tmp) { | ||
| 652 | rv = -1; | ||
| 653 | goto DO_CLOSE; | ||
| 654 | } | ||
| 655 | group_list = tmp; | 649 | group_list = tmp; |
| 656 | } | 650 | } |
| 657 | group_list[num_groups++] = group.gr_gid; | 651 | group_list[num_groups++] = group.gr_gid; |
| @@ -662,13 +656,10 @@ int initgroups(const char *user, gid_t gid) | |||
| 662 | } | 656 | } |
| 663 | 657 | ||
| 664 | rv = setgroups(num_groups, group_list); | 658 | rv = setgroups(num_groups, group_list); |
| 665 | DO_CLOSE: | 659 | free(group_list); |
| 666 | fclose(grfile); | 660 | fclose(grfile); |
| 667 | } | 661 | } |
| 668 | 662 | ||
| 669 | /* group_list will be NULL if initial malloc failed, which may trigger | ||
| 670 | * warnings from various malloc debuggers. */ | ||
| 671 | free(group_list); | ||
| 672 | return rv; | 663 | return rv; |
| 673 | } | 664 | } |
| 674 | 665 | ||
| @@ -677,7 +668,7 @@ int putpwent(const struct passwd *__restrict p, FILE *__restrict f) | |||
| 677 | int rv = -1; | 668 | int rv = -1; |
| 678 | 669 | ||
| 679 | if (!p || !f) { | 670 | if (!p || !f) { |
| 680 | errno=EINVAL; | 671 | errno = EINVAL; |
| 681 | } else { | 672 | } else { |
| 682 | /* No extra thread locking is needed above what fprintf does. */ | 673 | /* No extra thread locking is needed above what fprintf does. */ |
| 683 | if (fprintf(f, "%s:%s:%lu:%lu:%s:%s:%s\n", | 674 | if (fprintf(f, "%s:%s:%lu:%lu:%s:%s:%s\n", |
| @@ -702,7 +693,7 @@ int putgrent(const struct group *__restrict p, FILE *__restrict f) | |||
| 702 | int rv = -1; | 693 | int rv = -1; |
| 703 | 694 | ||
| 704 | if (!p || !f) { /* Sigh... glibc checks. */ | 695 | if (!p || !f) { /* Sigh... glibc checks. */ |
| 705 | errno=EINVAL; | 696 | errno = EINVAL; |
| 706 | } else { | 697 | } else { |
| 707 | if (fprintf(f, "%s:%s:%lu:", | 698 | if (fprintf(f, "%s:%s:%lu:", |
| 708 | p->gr_name, p->gr_passwd, | 699 | p->gr_name, p->gr_passwd, |
diff --git a/networking/httpd.c b/networking/httpd.c index 620e680ac..5e6037cbe 100644 --- a/networking/httpd.c +++ b/networking/httpd.c | |||
| @@ -2340,7 +2340,7 @@ int httpd_main(int argc ATTRIBUTE_UNUSED, char **argv) | |||
| 2340 | #if ENABLE_FEATURE_HTTPD_SETUID | 2340 | #if ENABLE_FEATURE_HTTPD_SETUID |
| 2341 | if (opt & OPT_SETUID) { | 2341 | if (opt & OPT_SETUID) { |
| 2342 | if (!get_uidgid(&ugid, s_ugid, 1)) | 2342 | if (!get_uidgid(&ugid, s_ugid, 1)) |
| 2343 | bb_error_msg_and_die("unrecognized user[:group] " | 2343 | bb_error_msg_and_die("unknown user[:group] " |
| 2344 | "name '%s'", s_ugid); | 2344 | "name '%s'", s_ugid); |
| 2345 | } | 2345 | } |
| 2346 | #endif | 2346 | #endif |
| @@ -2389,10 +2389,8 @@ int httpd_main(int argc ATTRIBUTE_UNUSED, char **argv) | |||
| 2389 | #if ENABLE_FEATURE_HTTPD_RELOAD_CONFIG_SIGHUP | 2389 | #if ENABLE_FEATURE_HTTPD_RELOAD_CONFIG_SIGHUP |
| 2390 | if (!(opt & OPT_INETD)) | 2390 | if (!(opt & OPT_INETD)) |
| 2391 | sighup_handler(0); | 2391 | sighup_handler(0); |
| 2392 | else /* do not install HUP handler in inetd mode */ | ||
| 2393 | #endif | 2392 | #endif |
| 2394 | index_page = "index.html"; | 2393 | parse_conf(default_path_httpd_conf, FIRST_PARSE); |
| 2395 | parse_conf(default_path_httpd_conf, FIRST_PARSE); | ||
| 2396 | 2394 | ||
| 2397 | xfunc_error_retval = 0; | 2395 | xfunc_error_retval = 0; |
| 2398 | if (opt & OPT_INETD) | 2396 | if (opt & OPT_INETD) |
diff --git a/networking/inetd.c b/networking/inetd.c index b931aa1e0..5cdfe0a22 100644 --- a/networking/inetd.c +++ b/networking/inetd.c | |||
| @@ -142,15 +142,15 @@ | |||
| 142 | /* Here's the scoop concerning the user[:group] feature: | 142 | /* Here's the scoop concerning the user[:group] feature: |
| 143 | * 1) group is not specified: | 143 | * 1) group is not specified: |
| 144 | * a) user = root: NO setuid() or setgid() is done | 144 | * a) user = root: NO setuid() or setgid() is done |
| 145 | * b) other: setgid(primary group as found in passwd) | 145 | * b) other: initgroups(name, primary group) |
| 146 | * initgroups(name, primary group) | 146 | * setgid(primary group as found in passwd) |
| 147 | * setuid() | 147 | * setuid() |
| 148 | * 2) group is specified: | 148 | * 2) group is specified: |
| 149 | * a) user = root: setgid(specified group) | 149 | * a) user = root: setgid(specified group) |
| 150 | * NO initgroups() | 150 | * NO initgroups() |
| 151 | * NO setuid() | 151 | * NO setuid() |
| 152 | * b) other: setgid(specified group) | 152 | * b) other: initgroups(name, specified group) |
| 153 | * initgroups(name, specified group) | 153 | * setgid(specified group) |
| 154 | * setuid() | 154 | * setuid() |
| 155 | */ | 155 | */ |
| 156 | 156 | ||
| @@ -1383,9 +1383,8 @@ int inetd_main(int argc ATTRIBUTE_UNUSED, char **argv) | |||
| 1383 | if (pwd->pw_uid) { | 1383 | if (pwd->pw_uid) { |
| 1384 | if (sep->se_group) | 1384 | if (sep->se_group) |
| 1385 | pwd->pw_gid = grp->gr_gid; | 1385 | pwd->pw_gid = grp->gr_gid; |
| 1386 | xsetgid(pwd->pw_gid); | 1386 | /* initgroups, setgid, setuid: */ |
| 1387 | initgroups(pwd->pw_name, pwd->pw_gid); | 1387 | change_identity(pwd); |
| 1388 | xsetuid(pwd->pw_uid); | ||
| 1389 | } else if (sep->se_group) { | 1388 | } else if (sep->se_group) { |
| 1390 | xsetgid(grp->gr_gid); | 1389 | xsetgid(grp->gr_gid); |
| 1391 | setgroups(1, &grp->gr_gid); | 1390 | setgroups(1, &grp->gr_gid); |