The Samba-Bugzilla – Attachment 12670 Details for
Bug 12429
Permission 0700 on private/msg.sock folder causes messaging not working properly on Solaris system
Test program showing the problem.
sendtest.c (text/x-csrc), 4.58 KB, created by
Jeremy Allison
on 2016-11-16 19:28:17 UTC
Description:
Test program showing the problem.
Filename:
MIME Type:
Creator:
Jeremy Allison
Created:
2016-11-16 19:28:17 UTC
Size:
4.58 KB
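/*
 * sendtest.c - demonstrates when the kernel applies filesystem permission
 * checks to an AF_UNIX datagram socket.
 *
 * Flow (must be started as root):
 *   1. A forked child binds a SOCK_DGRAM socket at <path> and prints five
 *      datagrams.
 *   2. A second forked child switches to <uid> and calls sendmsg() with an
 *      explicit destination address; the program expects this to fail.
 *   3. The parent connect()s to <path> while still root, switches to <uid>,
 *      and then sends five datagrams without a destination address; the
 *      program expects these to succeed.
 *
 * NOTE(review): only the user IDs are switched (setresuid). The group ID and
 * supplementary groups of the invoking root process are kept, so the result
 * reflects owner-based permission checks only. This is not a template for a
 * complete privilege drop.
 */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE /* glibc declares setresuid() only when this is defined */
#endif

#include <sys/types.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <stdio.h>
#include <unistd.h>
#include <string.h>
#include <errno.h>
#include <limits.h>
#include <stdint.h>
#include <stdlib.h>

/*
 * Fork a child that binds a datagram socket to *addr and prints the first
 * five datagrams it receives, then exits.
 *
 * Returns 0 in the parent once the child has been forked, -1 if fork()
 * failed. Never returns in the child.
 */
static int server(struct sockaddr_un *addr)
{
	int ret;
	pid_t pid;
	int sock;
	unsigned int i;

	pid = fork();
	if (pid == (pid_t)-1) {
		fprintf(stderr, "server - fork fail %s\n", strerror(errno));
		return -1;
	}

	if (pid != 0) {
		/* Parent. */
		return 0;
	}

	/* Child. */
	sock = socket(AF_UNIX, SOCK_DGRAM, 0);
	if (sock == -1) {
		fprintf(stderr, "server - socket fail %s\n", strerror(errno));
		exit(1);
	}

	ret = bind(sock,
		   (const struct sockaddr *)addr,
		   sizeof(*addr));

	if (ret == -1) {
		fprintf(stderr, "server - bind fail %s\n", strerror(errno));
		exit(1);
	}

	for (i = 0; i < 5; i++) {
		struct iovec iov;
		struct msghdr msg;
		uint8_t buf[4096];
		ssize_t nread;

		iov = (struct iovec) {
			.iov_base = buf,
			.iov_len = sizeof(buf)
		};

		msg = (struct msghdr) {
			.msg_iov = &iov,
			.msg_iovlen = 1,
		};

		nread = recvmsg(sock, &msg, 0);
		if (nread == -1) {
			fprintf(stderr, "server - recvmsg fail %s\n",
				strerror(errno));
			exit(1);
		}

		/*
		 * The payload comes from another process and need not be
		 * NUL-terminated. Bound the print by the number of bytes
		 * actually received instead of trusting a terminator.
		 */
		printf("SERVER:%.*s\n", (int)nread, (const char *)buf);
		fflush(stdout);
	}

	exit(0);
}

/*
 * Fork a child that switches to the unprivileged 'uid' and then tries to
 * send one datagram to *addr using an explicit destination address.
 *
 * The child exits 0 when sendmsg() fails (the expected outcome) and 1 when
 * the send unexpectedly succeeds or any setup step fails. The parent returns
 * immediately after the fork.
 */
static void non_priv_send(struct sockaddr_un *addr, int uid)
{
	pid_t pid;
	int sock;
	int ret;
	struct iovec iov;
	struct msghdr msg;
	/* Zeroed so the 4096-byte datagram carries no stale stack contents. */
	uint8_t buf[4096] = {0};

	pid = fork();
	if (pid == (pid_t)-1) {
		fprintf(stderr, "non_priv_send - fork fail %s\n",
			strerror(errno));
		return;
	}

	if (pid != 0) {
		/* Parent. */
		return;
	}

	/* Child. */
	memcpy(buf, "TEST1\n", sizeof("TEST1\n"));

	iov = (struct iovec) {
		.iov_base = buf,
		.iov_len = sizeof(buf),
	};

	msg = (struct msghdr) {
		.msg_name = addr,
		.msg_namelen = sizeof(*addr),
		.msg_iov = &iov,
		.msg_iovlen = 1,
	};

	sock = socket(AF_UNIX, SOCK_DGRAM, 0);
	if (sock == -1) {
		fprintf(stderr, "non_priv_send - socket fail %s\n",
			strerror(errno));
		exit(1);
	}

	/* Switch identity before sending, so the send runs unprivileged. */
	ret = setresuid(uid, uid, uid);
	if (ret == -1) {
		fprintf(stderr, "non_priv_send - setresuid fail %s\n",
			strerror(errno));
		exit(1);
	}

	ret = sendmsg(sock, &msg, 0);

	if (ret == -1) {
		printf("non_priv_send - sendmsg fail (expected) %s\n",
			strerror(errno));
		exit(0);
	}

	fprintf(stderr, "non_priv_send - UNEXPECTED sendmsg OK\n");
	exit(1);
}

/*
 * Usage: sendtest path uid
 *
 * 'path' is the filesystem location of the UNIX domain socket (any existing
 * entry at that path is unlinked first). 'uid' is the non-root numeric user
 * ID to switch to.
 */
int main(int argc, char **argv)
{
	int ret;
	int sock;
	int uid;
	unsigned int i;
	long parsed_uid;
	char *end = NULL;
	size_t path_len;
	uid_t us = geteuid();
	struct sockaddr_un addr =
		(struct sockaddr_un) { .sun_family = AF_UNIX };

	/* Ensure we're root. */
	if (us != 0) {
		fprintf(stderr, "%s: need to be root\n", argv[0]);
		exit(1);
	}

	if (argc != 3) {
		fprintf(stderr, "%s: Usage %s path uid\n",
			argv[0], argv[0]);
		exit(1);
	}

	/*
	 * Parse the uid strictly. A negative value must be rejected:
	 * setresuid(-1, -1, -1) means "leave all IDs unchanged" and
	 * returns success, so the process would silently stay root and
	 * the test result would be meaningless. Zero (root) and trailing
	 * garbage are rejected as well.
	 */
	errno = 0;
	parsed_uid = strtol(argv[2], &end, 10);
	if (errno != 0 || end == argv[2] || *end != '\0' ||
	    parsed_uid <= 0 || parsed_uid > INT_MAX) {
		fprintf(stderr, "%s: Usage %s path uid\n",
			argv[0], argv[0]);
		exit(1);
	}
	uid = (int)parsed_uid;

	/*
	 * sun_path is a fixed-size array. Refuse a path that does not fit,
	 * including its NUL terminator, rather than writing past the end.
	 */
	path_len = strlen(argv[1]);
	if (path_len >= sizeof(addr.sun_path)) {
		fprintf(stderr, "%s: path too long (max %zu bytes)\n",
			argv[0], sizeof(addr.sun_path) - 1);
		exit(1);
	}

	unlink(argv[1]);
	memcpy(addr.sun_path, argv[1], path_len + 1);

	/* Set up the server. */
	ret = server(&addr);
	if (ret == -1) {
		fprintf(stderr, "%s - server fork fail %s\n",
			argv[0], strerror(errno));
		exit(1);
	}

	/* Give the child time to bind before anyone sends. */
	sleep(1);

	/* Check non-priv client - should fail. */
	non_priv_send(&addr, uid);

	sleep(1);

	/* Create and connect the socket endpoint. */

	sock = socket(AF_UNIX, SOCK_DGRAM, 0);
	if (sock == -1) {
		fprintf(stderr, "%s - socket fail %s\n",
			argv[0], strerror(errno));
		exit(1);
	}

	ret = connect(sock, (const struct sockaddr *)&addr, sizeof(addr));
	if (ret == -1) {
		fprintf(stderr, "%s - connect fail %s\n",
			argv[0], strerror(errno));
		exit(1);
	}

	/*
	 * Now lose all privileges.
	 * The sendmsg() should still succeed as
	 * 'sock' has been connected to the endpoint,
	 * even though we don't have permissions as
	 * the non privileged user to access the
	 * UNIX domain socket.
	 */

	ret = setresuid(uid, uid, uid);
	if (ret == -1) {
		printf("%s - setresuid fail %s\n",
			argv[0],
			strerror(errno));
		exit(1);
	}

	for (i = 0; i < 5; i++) {
		struct iovec iov;
		struct msghdr msg;
		/* Zeroed so no stale stack contents are transmitted. */
		uint8_t buf[4096] = {0};

		memcpy(buf, "TEST0", sizeof("TEST0"));
		buf[4] = '0' + i;

		printf("CLIENT:%s\n", buf);

		iov = (struct iovec) {
			.iov_base = buf,
			.iov_len = sizeof(buf),
		};

		msg = (struct msghdr) {
#if 0
			/*
			 * When these fields are set
			 * the kernel does permission
			 * checks and the sendmsg will
			 * fail with permission denied.
			 */
			.msg_name = &addr,
			.msg_namelen = sizeof(addr),
#endif
			.msg_iov = &iov,
			.msg_iovlen = 1,
		};

		ret = sendmsg(sock, &msg, 0);

		if (ret == -1) {
			fprintf(stderr, "%s - sendmsg fail %s\n",
				argv[0],
				strerror(errno));
			exit(1);
		}

		fflush(stdout);
		sleep(1);
	}

	close(sock);
	return 0;
}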
Attachments on
bug 12429
:
12669
| 12670 |
12675
|
12676