1 files changed, 512 insertions, 0 deletions
diff --git a/busybox/applets/applets.c b/busybox/applets/applets.c
new file mode 100644
index 000000000..9db16b41d
--- /dev/null
+++ b/busybox/applets/applets.c
@@ -0,0 +1,512 @@
+/* vi: set sw=4 ts=4: */
+/*
+ * Utility routines.
+ *
+ * Copyright (C) tons of folks.  Tracking down who wrote what
+ * isn't something I'm going to worry about...  If you wrote something
+ * here, please feel free to acknowledge your work.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ * Based in part on code from sash, Copyright (c) 1999 by David I. Bell
+ * Permission has been granted to redistribute this code under the GPL.
+ *
+ */
+#include <unistd.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <assert.h>
+#include "busybox.h"
+const char usage_messages[] =
+#define MAKE_USAGE
+#include "usage.h"
+#include "applets.h"
+;
+#undef MAKE_USAGE
+#undef APPLET
+#undef APPLET_NOUSAGE
+#undef PROTOTYPES
+#include "applets.h"
+static struct BB_applet *applet_using;
+/* The -1 arises because of the {0,NULL,0,-1} entry above. */
+const size_t NUM_APPLETS = (sizeof (applets) / sizeof (struct BB_applet) - 1);
+#ifdef CONFIG_FEATURE_SUID
+static void check_suid (struct BB_applet *app);
+#ifdef CONFIG_FEATURE_SUID_CONFIG
+#include <sys/stat.h>
+#include <ctype.h>
+#include "pwd_.h"
+#include "grp_.h"
+static void parse_config_file (void);
+#define CONFIG_FILE "/etc/busybox.conf"
+/* applets [] is const, so we have to define this "override" structure */
+struct BB_suid_config
+{
+  struct BB_applet *m_applet;
+  uid_t m_uid;
+  gid_t m_gid;
+  mode_t m_mode;
+  struct BB_suid_config *m_next;
+};
+static struct BB_suid_config *suid_config;
+static int suid_cfg_readable;
+#endif /* CONFIG_FEATURE_SUID_CONFIG */
+#endif /* CONFIG_FEATURE_SUID */
+extern void
+bb_show_usage (void)
+{
+  const char *format_string;
+  const char *usage_string = usage_messages;
+  int i;
+  for (i = applet_using - applets; i > 0;) {
+        if (!*usage_string++) {
+          --i;
+        }
+  }
+  format_string = "%s\n\nUsage: %s %s\n\n";
+  if (*usage_string == '\b')
+        format_string = "%s\n\nNo help available.\n\n";
+  fprintf (stderr, format_string, bb_msg_full_version, applet_using->name,
+                   usage_string);
+  exit (EXIT_FAILURE);
+}
+static int
+applet_name_compare (const void *x, const void *y)
+{
+  const char *name = x;
+  const struct BB_applet *applet = y;
+  return strcmp (name, applet->name);
+}
+extern const size_t NUM_APPLETS;
+struct BB_applet *
+find_applet_by_name (const char *name)
+{
+  return bsearch (name, applets, NUM_APPLETS, sizeof (struct BB_applet),
+                                  applet_name_compare);
+}
+void
+run_applet_by_name (const char *name, int argc, char **argv)
+{
+  static int recurse_level = 0;
+  extern int been_there_done_that;      /* From busybox.c */
+#ifdef CONFIG_FEATURE_SUID_CONFIG
+  if (recurse_level == 0)
+        parse_config_file ();
+#endif
+  recurse_level++;
+  /* Do a binary search to find the applet entry given the name. */
+  if ((applet_using = find_applet_by_name (name)) != NULL) {
+        bb_applet_name = applet_using->name;
+        if (argv[1] && strcmp (argv[1], "--help") == 0) {
+          if (strcmp (applet_using->name, "busybox") == 0) {
+                if (argv[2])
+                  applet_using = find_applet_by_name (argv[2]);
+                else
+                  applet_using = NULL;
+          }
+          if (applet_using)
+                bb_show_usage ();
+          been_there_done_that = 1;
+          busybox_main (0, NULL);
+        }
+#ifdef CONFIG_FEATURE_SUID
+        check_suid (applet_using);
+#endif
+        exit ((*(applet_using->main)) (argc, argv));
+  }
+  /* Just in case they have renamed busybox - Check argv[1] */
+  if (recurse_level == 1) {
+        run_applet_by_name ("busybox", argc, argv);
+  }
+  recurse_level--;
+}
+#ifdef CONFIG_FEATURE_SUID
+#ifdef CONFIG_FEATURE_SUID_CONFIG
+/* check if u is member of group g */
+static int
+ingroup (uid_t u, gid_t g)
+{
+  struct group *grp = getgrgid (g);
+  if (grp) {
+        char **mem;
+        for (mem = grp->gr_mem; *mem; mem++) {
+          struct passwd *pwd = getpwnam (*mem);
+          if (pwd && (pwd->pw_uid == u))
+                return 1;
+        }
+  }
+  return 0;
+}
+#endif
+void
+check_suid (struct BB_applet *applet)
+{
+  uid_t ruid = getuid ();               /* real [ug]id */
+  uid_t rgid = getgid ();
+#ifdef CONFIG_FEATURE_SUID_CONFIG
+  if (suid_cfg_readable) {
+        struct BB_suid_config *sct;
+        for (sct = suid_config; sct; sct = sct->m_next) {
+          if (sct->m_applet == applet)
+                break;
+        }
+        if (sct) {
+          mode_t m = sct->m_mode;
+          if (sct->m_uid == ruid)       /* same uid */
+                m >>= 6;
+          else if ((sct->m_gid == rgid) || ingroup (ruid, sct->m_gid))  /* same group / in group */
+                m >>= 3;
+          if (!(m & S_IXOTH))           /* is x bit not set ? */
+                bb_error_msg_and_die ("You have no permission to run this applet!");
+          if ((sct->m_mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) {     /* *both* have to be set for sgid */
+                if (setegid (sct->m_gid))
+                  bb_error_msg_and_die
+                        ("BusyBox binary has insufficient rights to set proper GID for applet!");
+          } else
+                setgid (rgid);                  /* no sgid -> drop */
+          if (sct->m_mode & S_ISUID) {
+                if (seteuid (sct->m_uid))
+                  bb_error_msg_and_die
+                        ("BusyBox binary has insufficient rights to set proper UID for applet!");
+          } else
+                setuid (ruid);                  /* no suid -> drop */
+        } else {
+                /* default: drop all priviledges */
+          setgid (rgid);
+          setuid (ruid);
+        }
+        return;
+  } else {
+#ifndef CONFIG_FEATURE_SUID_CONFIG_QUIET
+        static int onetime = 0;
+        if (!onetime) {
+          onetime = 1;
+          fprintf (stderr, "Using fallback suid method\n");
+        }
+#endif
+  }
+#endif
+  if (applet->need_suid == _BB_SUID_ALWAYS) {
+        if (geteuid () != 0)
+          bb_error_msg_and_die ("This applet requires root priviledges!");
+  } else if (applet->need_suid == _BB_SUID_NEVER) {
+        setgid (rgid);                          /* drop all priviledges */
+        setuid (ruid);
+  }
+}
+#ifdef CONFIG_FEATURE_SUID_CONFIG
+/* This should probably be a libbb routine.  In that case,
+ * I'd probably rename it to something like bb_trimmed_slice.
+ */
+static char *get_trimmed_slice(char *s, char *e)
+{
+        /* First, consider the value at e to be nul and back up until we
+         * reach a non-space char.  Set the char after that (possibly at
+         * the original e) to nul. */
+        while (e-- > s) {
+                if (!isspace(*e)) {
+                        break;
+                }
+        }
+        e[1] = 0;
+        /* Next, advance past all leading space and return a ptr to the
+         * first non-space char; possibly the terminating nul. */
+        return (char *) bb_skip_whitespace(s);
+}
+#define parse_error(x)  { err=x; goto pe_label; }
+/* Don't depend on the tools to combine strings. */
+static const char config_file[] = CONFIG_FILE;
+/* There are 4 chars + 1 nul for each of user/group/other. */
+static const char mode_chars[] = "Ssx-\0Ssx-\0Ttx-";
+/* We don't supply a value for the nul, so an index adjustment is
+ * necessary below.  Also, we use unsigned short here to save some
+ * space even though these are really mode_t values. */
+static const unsigned short mode_mask[] = {
+        /*  SST         sst                 xxx   --- */
+        S_ISUID,    S_ISUID|S_IXUSR,    S_IXUSR,    0,  /* user */
+        S_ISGID,    S_ISGID|S_IXGRP,    S_IXGRP,    0,  /* group */
+        0,          S_IXOTH,            S_IXOTH,    0   /* other */
+};
+static void parse_config_file(void)
+{
+        struct BB_suid_config *sct_head;
+        struct BB_suid_config *sct;
+        struct BB_applet *applet;
+        FILE *f;
+        char *err;
+        char *s;
+        char *e;
+        int i, lc, section;
+        char buffer[256];
+        struct stat st;
+        assert(!suid_config);           /* Should be set to NULL by bss init. */
+        if ((stat(config_file, &st) != 0)                       /* No config file? */
+                || !S_ISREG(st.st_mode)                                 /* Not a regular file? */
+                || (st.st_uid != 0)                                             /* Not owned by root? */
+                || (st.st_mode & (S_IWGRP | S_IWOTH))   /* Writable by non-root? */
+                || !(f = fopen(config_file, "r"))               /* Can not open? */
+                ) {
+                return;
+        }
+        suid_cfg_readable = 1;
+        sct_head = NULL;
+        section = lc = 0;
+        do {
+                s = buffer;
+                if (!fgets(s, sizeof(buffer), f)) { /* Are we done? */
+                        if (ferror(f)) {   /* Make sure it wasn't a read error. */
+                                parse_error("reading");
+                        }
+                        fclose(f);
+                        suid_config = sct_head; /* Success, so set the pointer. */
+                        return;
+                }
+                lc++;                                   /* Got a (partial) line. */
+                /* If a line is too long for our buffer, we consider it an error.
+                 * The following test does mistreat one corner case though.
+                 * If the final line of the file does not end with a newline and
+                 * yet exactly fills the buffer, it will be treated as too long
+                 * even though there isn't really a problem.  But it isn't really
+                 * worth adding code to deal with such an unlikely situation, and
+                 * we do err on the side of caution.  Besides, the line would be
+                 * too long if it did end with a newline. */
+                if (!strchr(s, '\n') && !feof(f)) {
+                        parse_error("line too long");
+                }
+                /* Trim leading and trailing whitespace, ignoring comments, and
+                 * check if the resulting string is empty. */
+                if (!*(s = get_trimmed_slice(s, strchrnul(s, '#')))) {
+                        continue;
+                }
+                /* Check for a section header. */
+                if (*s == '[') {
+                        /* Unlike the old code, we ignore leading and trailing
+                         * whitespace for the section name.  We also require that
+                         * there are no stray characters after the closing bracket. */
+                        if (!(e = strchr(s, ']'))       /* Missing right bracket? */
+                                || e[1]                                 /* Trailing characters? */
+                                || !*(s = get_trimmed_slice(s+1, e)) /* Missing name? */
+                                ) {
+                                parse_error("section header");
+                        }
+                        /* Right now we only have one section so just check it.
+                         * If more sections are added in the future, please don't
+                         * resort to cascading ifs with multiple strcasecmp calls.
+                         * That kind of bloated code is all too common.  A loop
+                         * and a string table would be a better choice unless the
+                         * number of sections is very small. */
+                        if (strcasecmp(s, "SUID") == 0) {
+                                section = 1;
+                                continue;
+                        }
+                        section = -1;   /* Unknown section so set to skip. */
+                        continue;
+                }
+                /* Process sections. */
+                if (section == 1) {             /* SUID */
+                        /* Since we trimmed leading and trailing space above, we're
+                         * now looking for strings of the form
+                         *    <key>[::space::]*=[::space::]*<value>
+                         * where both key and value could contain inner whitespace. */
+                        /* First get the key (an applet name in our case). */
+                        if (!!(e = strchr(s, '='))) {
+                                s = get_trimmed_slice(s, e);
+                        }
+                        if (!e || !*s) {        /* Missing '=' or empty key. */
+                                parse_error("keyword");
+                        }
+                        /* Ok, we have an applet name.  Process the rhs if this
+                         * applet is currently built in and ignore it otherwise.
+                         * Note: This can hide config file bugs which only pop
+                         * up when the busybox configuration is changed. */
+                        if ((applet = find_applet_by_name(s))) {
+                                /* Note: We currently don't check for duplicates!
+                                 * The last config line for each applet will be the
+                                 * one used since we insert at the head of the list.
+                                 * I suppose this could be considered a feature. */
+                                sct = xmalloc(sizeof(struct BB_suid_config));
+                                sct->m_applet = applet;
+                                sct->m_mode = 0;
+                                sct->m_next = sct_head;
+                                sct_head = sct;
+                                /* Get the specified mode. */
+                                e = (char *) bb_skip_whitespace(e+1);
+                                for (i=0 ; i < 3 ; i++) {
+                                        const char *q;
+                                        if (!*(q = strchrnul(mode_chars + 5*i, *e++))) {
+                                                parse_error("mode");
+                                        }
+                                        /* Adjust by -i to account for nul. */
+                                        sct->m_mode |= mode_mask[(q - mode_chars) - i];
+                                }
+                                /* Now get the the user/group info. */
+                
+                                s = (char *) bb_skip_whitespace(e);
+                                /* Note: We require whitespace between the mode and the
+                                 * user/group info. */
+                                if ((s == e) || !(e = strchr(s, '.'))) {
+                                        parse_error("<uid>.<gid>");
+                                }
+                                *e++ = 0;
+                                /* We can't use get_ug_id here since it would exit()
+                                 * if a uid or gid was not found.  Oh well... */
+                                {
+                                        char *e2;
+                                        sct->m_uid = strtoul(s, &e2, 10);
+                                        if (*e2 || (s == e2)) {
+                                                struct passwd *pwd;
+                                                if (!(pwd = getpwnam(s))) {
+                                                        parse_error("user");
+                                                }
+                                                sct->m_uid = pwd->pw_uid;
+                                        }
+                                        sct->m_gid = strtoul(e, &e2, 10);
+                                        if (*e2 || (e == e2)) {
+                                                struct group *grp;
+                                                if (!(grp = getgrnam(e))) {
+                                                        parse_error("group");
+                                                }
+                                                sct->m_gid = grp->gr_gid;
+                                        }
+                                }
+                        }
+                        continue;
+                }
+                /* Unknown sections are ignored. */
+                /* Encountering configuration lines prior to seeing a
+                 * section header is treated as an error.  This is how
+                 * the old code worked, but it may not be desirable.
+                 * We may want to simply ignore such lines in case they
+                 * are used in some future version of busybox. */
+                if (!section) {
+                        parse_error("keyword outside section");
+                }
+        } while (1);
+ pe_label:
+        fprintf(stderr, "Parse error in %s, line %d: %s\n",
+                        config_file, lc, err);
+        fclose(f);
+        /* Release any allocated memory before returning. */
+        while (sct_head) {
+                sct = sct_head->m_next;
+                free(sct_head);
+                sct_head = sct;
+        }
+        return;
+}
+#endif
+#endif
+/* END CODE */
+/*
+  Local Variables:
+  c-file-style: "linux"
+  c-basic-offset: 4
+  tab-width: 4
+End:
+*/

diff --git a/busybox/applets/applets.c b/busybox/applets/applets.c new file mode 100644 index 000000000..9db16b41d --- /dev/null +++ b/busybox/applets/applets.c
@@ -0,0 +1,512 @@
	1	/* vi: set sw=4 ts=4: */
	2	/*
	3	* Utility routines.
	4	*
	5	* Copyright (C) tons of folks. Tracking down who wrote what
	6	* isn't something I'm going to worry about... If you wrote something
	7	* here, please feel free to acknowledge your work.
	8	*
	9	* This program is free software; you can redistribute it and/or modify
	10	* it under the terms of the GNU General Public License as published by
	11	* the Free Software Foundation; either version 2 of the License, or
	12	* (at your option) any later version.
	13	*
	14	* This program is distributed in the hope that it will be useful,
	15	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	16	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	17	* General Public License for more details.
	18	*
	19	* You should have received a copy of the GNU General Public License
	20	* along with this program; if not, write to the Free Software
	21	* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
	22	*
	23	* Based in part on code from sash, Copyright (c) 1999 by David I. Bell
	24	* Permission has been granted to redistribute this code under the GPL.
	25	*
	26	*/
	27
	28	#include <unistd.h>
	29	#include <stdio.h>
	30	#include <stdlib.h>
	31	#include <string.h>
	32	#include <assert.h>
	33	#include "busybox.h"
	34
	35	const char usage_messages[] =
	36
	37	#define MAKE_USAGE
	38	#include "usage.h"
	39
	40	#include "applets.h"
	41
	42	;
	43
	44	#undef MAKE_USAGE
	45	#undef APPLET
	46	#undef APPLET_NOUSAGE
	47	#undef PROTOTYPES
	48	#include "applets.h"
	49
	50
	51	static struct BB_applet *applet_using;
	52
	53	/* The -1 arises because of the {0,NULL,0,-1} entry above. */
	54	const size_t NUM_APPLETS = (sizeof (applets) / sizeof (struct BB_applet) - 1);
	55
	56
	57	#ifdef CONFIG_FEATURE_SUID
	58
	59	static void check_suid (struct BB_applet *app);
	60
	61	#ifdef CONFIG_FEATURE_SUID_CONFIG
	62
	63	#include <sys/stat.h>
	64	#include <ctype.h>
	65	#include "pwd_.h"
	66	#include "grp_.h"
	67
	68	static void parse_config_file (void);
	69
	70	#define CONFIG_FILE "/etc/busybox.conf"
	71
	72	/* applets [] is const, so we have to define this "override" structure */
	73	struct BB_suid_config
	74	{
	75	struct BB_applet *m_applet;
	76
	77	uid_t m_uid;
	78	gid_t m_gid;
	79	mode_t m_mode;
	80
	81	struct BB_suid_config *m_next;
	82	};
	83
	84	static struct BB_suid_config *suid_config;
	85	static int suid_cfg_readable;
	86
	87	#endif /* CONFIG_FEATURE_SUID_CONFIG */
	88
	89	#endif /* CONFIG_FEATURE_SUID */
	90
	91
	92
	93	extern void
	94	bb_show_usage (void)
	95	{
	96	const char *format_string;
	97	const char *usage_string = usage_messages;
	98	int i;
	99
	100	for (i = applet_using - applets; i > 0;) {
	101	if (!*usage_string++) {
	102	--i;
	103	}
	104	}
	105
	106	format_string = "%s\n\nUsage: %s %s\n\n";
	107	if (*usage_string == '\b')
	108	format_string = "%s\n\nNo help available.\n\n";
	109	fprintf (stderr, format_string, bb_msg_full_version, applet_using->name,
	110	usage_string);
	111
	112	exit (EXIT_FAILURE);
	113	}
	114
	115	static int
	116	applet_name_compare (const void x, const void y)
	117	{
	118	const char *name = x;
	119	const struct BB_applet *applet = y;
	120
	121	return strcmp (name, applet->name);
	122	}
	123
	124	extern const size_t NUM_APPLETS;
	125
	126	struct BB_applet *
	127	find_applet_by_name (const char *name)
	128	{
	129	return bsearch (name, applets, NUM_APPLETS, sizeof (struct BB_applet),
	130	applet_name_compare);
	131	}
	132
	133	void
	134	run_applet_by_name (const char name, int argc, char *argv)
	135	{
	136	static int recurse_level = 0;
	137	extern int been_there_done_that; /* From busybox.c */
	138
	139	#ifdef CONFIG_FEATURE_SUID_CONFIG
	140	if (recurse_level == 0)
	141	parse_config_file ();
	142	#endif
	143
	144	recurse_level++;
	145	/* Do a binary search to find the applet entry given the name. */
	146	if ((applet_using = find_applet_by_name (name)) != NULL) {
	147	bb_applet_name = applet_using->name;
	148	if (argv[1] && strcmp (argv[1], "--help") == 0) {
	149	if (strcmp (applet_using->name, "busybox") == 0) {
	150	if (argv[2])
	151	applet_using = find_applet_by_name (argv[2]);
	152	else
	153	applet_using = NULL;
	154	}
	155	if (applet_using)
	156	bb_show_usage ();
	157	been_there_done_that = 1;
	158	busybox_main (0, NULL);
	159	}
	160	#ifdef CONFIG_FEATURE_SUID
	161	check_suid (applet_using);
	162	#endif
	163
	164	exit ((*(applet_using->main)) (argc, argv));
	165	}
	166	/* Just in case they have renamed busybox - Check argv[1] */
	167	if (recurse_level == 1) {
	168	run_applet_by_name ("busybox", argc, argv);
	169	}
	170	recurse_level--;
	171	}
	172
	173
	174	#ifdef CONFIG_FEATURE_SUID
	175
	176	#ifdef CONFIG_FEATURE_SUID_CONFIG
	177
	178	/* check if u is member of group g */
	179	static int
	180	ingroup (uid_t u, gid_t g)
	181	{
	182	struct group *grp = getgrgid (g);
	183
	184	if (grp) {
	185	char **mem;
	186
	187	for (mem = grp->gr_mem; *mem; mem++) {
	188	struct passwd pwd = getpwnam (mem);
	189
	190	if (pwd && (pwd->pw_uid == u))
	191	return 1;
	192	}
	193	}
	194	return 0;
	195	}
	196
	197	#endif
	198
	199
	200	void
	201	check_suid (struct BB_applet *applet)
	202	{
	203	uid_t ruid = getuid (); /* real [ug]id */
	204	uid_t rgid = getgid ();
	205
	206	#ifdef CONFIG_FEATURE_SUID_CONFIG
	207	if (suid_cfg_readable) {
	208	struct BB_suid_config *sct;
	209
	210	for (sct = suid_config; sct; sct = sct->m_next) {
	211	if (sct->m_applet == applet)
	212	break;
	213	}
	214	if (sct) {
	215	mode_t m = sct->m_mode;
	216
	217	if (sct->m_uid == ruid) /* same uid */
	218	m >>= 6;
	219	else if ((sct->m_gid == rgid) \|\| ingroup (ruid, sct->m_gid)) /* same group / in group */
	220	m >>= 3;
	221
	222	if (!(m & S_IXOTH)) /* is x bit not set ? */
	223	bb_error_msg_and_die ("You have no permission to run this applet!");
	224
	225	if ((sct->m_mode & (S_ISGID \| S_IXGRP)) == (S_ISGID \| S_IXGRP)) { /* both have to be set for sgid */
	226	if (setegid (sct->m_gid))
	227	bb_error_msg_and_die
	228	("BusyBox binary has insufficient rights to set proper GID for applet!");
	229	} else
	230	setgid (rgid); /* no sgid -> drop */
	231
	232	if (sct->m_mode & S_ISUID) {
	233	if (seteuid (sct->m_uid))
	234	bb_error_msg_and_die
	235	("BusyBox binary has insufficient rights to set proper UID for applet!");
	236	} else
	237	setuid (ruid); /* no suid -> drop */
	238	} else {
	239	/* default: drop all priviledges */
	240	setgid (rgid);
	241	setuid (ruid);
	242	}
	243	return;
	244	} else {
	245	#ifndef CONFIG_FEATURE_SUID_CONFIG_QUIET
	246	static int onetime = 0;
	247
	248	if (!onetime) {
	249	onetime = 1;
	250	fprintf (stderr, "Using fallback suid method\n");
	251	}
	252	#endif
	253	}
	254	#endif
	255
	256	if (applet->need_suid == _BB_SUID_ALWAYS) {
	257	if (geteuid () != 0)
	258	bb_error_msg_and_die ("This applet requires root priviledges!");
	259	} else if (applet->need_suid == _BB_SUID_NEVER) {
	260	setgid (rgid); /* drop all priviledges */
	261	setuid (ruid);
	262	}
	263	}
	264
	265	#ifdef CONFIG_FEATURE_SUID_CONFIG
	266
	267	/* This should probably be a libbb routine. In that case,
	268	* I'd probably rename it to something like bb_trimmed_slice.
	269	*/
	270	static char get_trimmed_slice(char s, char *e)
	271	{
	272	/* First, consider the value at e to be nul and back up until we
	273	* reach a non-space char. Set the char after that (possibly at
	274	* the original e) to nul. */
	275	while (e-- > s) {
	276	if (!isspace(*e)) {
	277	break;
	278	}
	279	}
	280	e[1] = 0;
	281
	282	/* Next, advance past all leading space and return a ptr to the
	283	* first non-space char; possibly the terminating nul. */
	284	return (char *) bb_skip_whitespace(s);
	285	}
	286
	287
	288	#define parse_error(x) { err=x; goto pe_label; }
	289
	290	/* Don't depend on the tools to combine strings. */
	291	static const char config_file[] = CONFIG_FILE;
	292
	293	/* There are 4 chars + 1 nul for each of user/group/other. */
	294	static const char mode_chars[] = "Ssx-\0Ssx-\0Ttx-";
	295
	296	/* We don't supply a value for the nul, so an index adjustment is
	297	* necessary below. Also, we use unsigned short here to save some
	298	* space even though these are really mode_t values. */
	299	static const unsigned short mode_mask[] = {
	300	/* SST sst xxx --- */
	301	S_ISUID, S_ISUID\|S_IXUSR, S_IXUSR, 0, /* user */
	302	S_ISGID, S_ISGID\|S_IXGRP, S_IXGRP, 0, /* group */
	303	0, S_IXOTH, S_IXOTH, 0 /* other */
	304	};
	305
	306	static void parse_config_file(void)
	307	{
	308	struct BB_suid_config *sct_head;
	309	struct BB_suid_config *sct;
	310	struct BB_applet *applet;
	311	FILE *f;
	312	char *err;
	313	char *s;
	314	char *e;
	315	int i, lc, section;
	316	char buffer[256];
	317	struct stat st;
	318
	319	assert(!suid_config); /* Should be set to NULL by bss init. */
	320
	321	if ((stat(config_file, &st) != 0) /* No config file? */
	322	\|\| !S_ISREG(st.st_mode) /* Not a regular file? */
	323	\|\| (st.st_uid != 0) /* Not owned by root? */
	324	\|\| (st.st_mode & (S_IWGRP \| S_IWOTH)) /* Writable by non-root? */
	325	\|\| !(f = fopen(config_file, "r")) /* Can not open? */
	326	) {
	327	return;
	328	}
	329
	330	suid_cfg_readable = 1;
	331	sct_head = NULL;
	332	section = lc = 0;
	333
	334	do {
	335	s = buffer;
	336
	337	if (!fgets(s, sizeof(buffer), f)) { /* Are we done? */
	338	if (ferror(f)) { /* Make sure it wasn't a read error. */
	339	parse_error("reading");
	340	}
	341	fclose(f);
	342	suid_config = sct_head; /* Success, so set the pointer. */
	343	return;
	344	}
	345
	346	lc++; /* Got a (partial) line. */
	347
	348	/* If a line is too long for our buffer, we consider it an error.
	349	* The following test does mistreat one corner case though.
	350	* If the final line of the file does not end with a newline and
	351	* yet exactly fills the buffer, it will be treated as too long
	352	* even though there isn't really a problem. But it isn't really
	353	* worth adding code to deal with such an unlikely situation, and
	354	* we do err on the side of caution. Besides, the line would be
	355	* too long if it did end with a newline. */
	356	if (!strchr(s, '\n') && !feof(f)) {
	357	parse_error("line too long");
	358	}
	359
	360	/* Trim leading and trailing whitespace, ignoring comments, and
	361	* check if the resulting string is empty. */
	362	if (!*(s = get_trimmed_slice(s, strchrnul(s, '#')))) {
	363	continue;
	364	}
	365
	366	/* Check for a section header. */
	367
	368	if (*s == '[') {
	369	/* Unlike the old code, we ignore leading and trailing
	370	* whitespace for the section name. We also require that
	371	* there are no stray characters after the closing bracket. */
	372	if (!(e = strchr(s, ']')) /* Missing right bracket? */
	373	\|\| e[1] /* Trailing characters? */
	374	\|\| !(s = get_trimmed_slice(s+1, e)) / Missing name? */
	375	) {
	376	parse_error("section header");
	377	}
	378	/* Right now we only have one section so just check it.
	379	* If more sections are added in the future, please don't
	380	* resort to cascading ifs with multiple strcasecmp calls.
	381	* That kind of bloated code is all too common. A loop
	382	* and a string table would be a better choice unless the
	383	* number of sections is very small. */
	384	if (strcasecmp(s, "SUID") == 0) {
	385	section = 1;
	386	continue;
	387	}
	388	section = -1; /* Unknown section so set to skip. */
	389	continue;
	390	}
	391
	392	/* Process sections. */
	393
	394	if (section == 1) { /* SUID */
	395	/* Since we trimmed leading and trailing space above, we're
	396	* now looking for strings of the form
	397	* <key>[::space::]=[::space::]<value>
	398	* where both key and value could contain inner whitespace. */
	399
	400	/* First get the key (an applet name in our case). */
	401	if (!!(e = strchr(s, '='))) {
	402	s = get_trimmed_slice(s, e);
	403	}
	404	if (!e \|\| !s) { / Missing '=' or empty key. */
	405	parse_error("keyword");
	406	}
	407
	408	/* Ok, we have an applet name. Process the rhs if this
	409	* applet is currently built in and ignore it otherwise.
	410	* Note: This can hide config file bugs which only pop
	411	* up when the busybox configuration is changed. */
	412	if ((applet = find_applet_by_name(s))) {
	413	/* Note: We currently don't check for duplicates!
	414	* The last config line for each applet will be the
	415	* one used since we insert at the head of the list.
	416	* I suppose this could be considered a feature. */
	417	sct = xmalloc(sizeof(struct BB_suid_config));
	418	sct->m_applet = applet;
	419	sct->m_mode = 0;
	420	sct->m_next = sct_head;
	421	sct_head = sct;
	422
	423	/* Get the specified mode. */
	424
	425	e = (char *) bb_skip_whitespace(e+1);
	426
	427	for (i=0 ; i < 3 ; i++) {
	428	const char *q;
	429	if (!(q = strchrnul(mode_chars + 5i, *e++))) {
	430	parse_error("mode");
	431	}
	432	/* Adjust by -i to account for nul. */
	433	sct->m_mode \|= mode_mask[(q - mode_chars) - i];
	434	}
	435
	436	/* Now get the the user/group info. */
	437
	438	s = (char *) bb_skip_whitespace(e);
	439
	440	/* Note: We require whitespace between the mode and the
	441	* user/group info. */
	442	if ((s == e) \|\| !(e = strchr(s, '.'))) {
	443	parse_error("<uid>.<gid>");
	444	}
	445	*e++ = 0;
	446
	447	/* We can't use get_ug_id here since it would exit()
	448	* if a uid or gid was not found. Oh well... */
	449	{
	450	char *e2;
	451
	452	sct->m_uid = strtoul(s, &e2, 10);
	453	if (*e2 \|\| (s == e2)) {
	454	struct passwd *pwd;
	455	if (!(pwd = getpwnam(s))) {
	456	parse_error("user");
	457	}
	458	sct->m_uid = pwd->pw_uid;
	459	}
	460
	461	sct->m_gid = strtoul(e, &e2, 10);
	462	if (*e2 \|\| (e == e2)) {
	463	struct group *grp;
	464	if (!(grp = getgrnam(e))) {
	465	parse_error("group");
	466	}
	467	sct->m_gid = grp->gr_gid;
	468	}
	469	}
	470	}
	471	continue;
	472	}
	473
	474	/* Unknown sections are ignored. */
	475
	476	/* Encountering configuration lines prior to seeing a
	477	* section header is treated as an error. This is how
	478	* the old code worked, but it may not be desirable.
	479	* We may want to simply ignore such lines in case they
	480	* are used in some future version of busybox. */
	481	if (!section) {
	482	parse_error("keyword outside section");
	483	}
	484
	485	} while (1);
	486
	487	pe_label:
	488	fprintf(stderr, "Parse error in %s, line %d: %s\n",
	489	config_file, lc, err);
	490
	491	fclose(f);
	492	/* Release any allocated memory before returning. */
	493	while (sct_head) {
	494	sct = sct_head->m_next;
	495	free(sct_head);
	496	sct_head = sct;
	497	}
	498	return;
	499	}
	500
	501	#endif
	502
	503	#endif
	504
	505	/* END CODE */
	506	/*
	507	Local Variables:
	508	c-file-style: "linux"
	509	c-basic-offset: 4
	510	tab-width: 4
	511	End:
	512	*/