From: Christian Grothoff Date: Wed, 25 Jan 2012 20:16:08 +0000 (+0000) Subject: -check for SUID helper X-Git-Tag: initial-import-from-subversion-38251~15098 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=f46035b9126e0bfe6521f2f3e7b66fa6e0bc93d3;p=oweals%2Fgnunet.git -check for SUID helper --- diff --git a/src/exit/gnunet-daemon-exit.c b/src/exit/gnunet-daemon-exit.c index dc9991422..86a24ff1c 100644 --- a/src/exit/gnunet-daemon-exit.c +++ b/src/exit/gnunet-daemon-exit.c @@ -219,6 +219,11 @@ struct TunnelState }; +/** + * Return value from 'main'. + */ +static int global_ret; + /** * The handle to the configuration used throughout the process */ @@ -2970,6 +2975,15 @@ run (void *cls, char *const *args GNUNET_UNUSED, char *ipv4addr; char *ipv4mask; + if (GNUNET_YES != + GNUNET_OS_check_helper_binary ("gnunet-helper-exit")) + { + fprintf (stderr, + "`%s' is not SUID, refusing to run.\n", + "gnunet-helper-exit"); + global_ret = 1; + return; + } cfg = cfg_; stats = GNUNET_STATISTICS_create ("exit", cfg); ipv4_exit = GNUNET_CONFIGURATION_get_value_yesno (cfg, "exit", "EXIT_IPV4"); @@ -3151,7 +3165,7 @@ main (int argc, char *const *argv) GNUNET_PROGRAM_run (argc, argv, "gnunet-daemon-exit", gettext_noop ("Daemon to run to provide an IP exit node for the VPN"), - options, &run, NULL)) ? 0 : 1; + options, &run, NULL)) ? global_ret : 1; } diff --git a/src/exit/gnunet-helper-exit.c b/src/exit/gnunet-helper-exit.c index 76d14d5bc..db1401e89 100644 --- a/src/exit/gnunet-helper-exit.c +++ b/src/exit/gnunet-helper-exit.c @@ -180,7 +180,8 @@ init_tun (char *dev) if (-1 == ioctl (fd, TUNSETIFF, (void *) &ifr)) { - fprintf (stderr, "Error with ioctl on `%s': %s\n", "/dev/net/tun", + fprintf (stderr, + "Error with ioctl on `%s': %s\n", "/dev/net/tun", strerror (errno)); (void) close (fd); return -1;