We use cookies to ensure you get the best experience on our website
首頁 探索 說明
註冊 登入
0ct0pu5
/
ladybird
1
0
複刻 0
檔案 問題管理 0 合併請求 0 Wiki
目錄樹: 2a78bf8596
分支列表 標籤列表
ladybird
/
Kernel
/
Syscalls
/
setuid.cpp

setuid.cpp 4.3 KB
文件歷史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187 
  1. /*
    2. 

  2.  * Copyright (c) 2018-2020, Andreas Kling <kling@serenityos.org>
    3. 

  3.  *
    4. 

  4.  * SPDX-License-Identifier: BSD-2-Clause
    5. 

  5.  */
    6. 

  6. 

  7. #include <Kernel/Process.h>
    8. 

  8. 

  9. namespace Kernel {
    10. 

  10. 

  11. KResultOr<FlatPtr> Process::sys$seteuid(uid_t new_euid)
    12. 

  12. {
    13. 

  13.     REQUIRE_PROMISE(id);
    14. 

  14. 

  15.     if (new_euid != uid() && new_euid != suid() && !is_superuser())
    16. 

  16.         return EPERM;
    17. 

  17. 

  18.     if (euid() != new_euid)
    19. 

  19.         set_dumpable(false);
    20. 

  20. 

  21.     ProtectedDataMutationScope scope { *this };
    22. 

  22. 

  23.     m_euid = new_euid;
    24. 

  24.     return 0;
    25. 

  25. }
    26. 

  26. 

  27. KResultOr<FlatPtr> Process::sys$setegid(gid_t new_egid)
    28. 

  28. {
    29. 

  29.     REQUIRE_PROMISE(id);
    30. 

  30. 

  31.     if (new_egid != gid() && new_egid != sgid() && !is_superuser())
    32. 

  32.         return EPERM;
    33. 

  33. 

  34.     if (egid() != new_egid)
    35. 

  35.         set_dumpable(false);
    36. 

  36. 

  37.     ProtectedDataMutationScope scope { *this };
    38. 

  38.     m_egid = new_egid;
    39. 

  39.     return 0;
    40. 

  40. }
    41. 

  41. 

  42. KResultOr<FlatPtr> Process::sys$setuid(uid_t new_uid)
    43. 

  43. {
    44. 

  44.     REQUIRE_PROMISE(id);
    45. 

  45. 

  46.     if (new_uid != uid() && new_uid != euid() && !is_superuser())
    47. 

  47.         return EPERM;
    48. 

  48. 

  49.     if (euid() != new_uid)
    50. 

  50.         set_dumpable(false);
    51. 

  51. 

  52.     ProtectedDataMutationScope scope { *this };
    53. 

  53.     m_uid = new_uid;
    54. 

  54.     m_euid = new_uid;
    55. 

  55.     m_suid = new_uid;
    56. 

  56.     return 0;
    57. 

  57. }
    58. 

  58. 

  59. KResultOr<FlatPtr> Process::sys$setgid(gid_t new_gid)
    60. 

  60. {
    61. 

  61.     REQUIRE_PROMISE(id);
    62. 

  62. 

  63.     if (new_gid != gid() && new_gid != egid() && !is_superuser())
    64. 

  64.         return EPERM;
    65. 

  65. 

  66.     if (egid() != new_gid)
    67. 

  67.         set_dumpable(false);
    68. 

  68. 

  69.     ProtectedDataMutationScope scope { *this };
    70. 

  70.     m_gid = new_gid;
    71. 

  71.     m_egid = new_gid;
    72. 

  72.     m_sgid = new_gid;
    73. 

  73.     return 0;
    74. 

  74. }
    75. 

  75. 

  76. KResultOr<FlatPtr> Process::sys$setreuid(uid_t new_ruid, uid_t new_euid)
    77. 

  77. {
    78. 

  78.     REQUIRE_PROMISE(id);
    79. 

  79. 

  80.     if (new_ruid == (uid_t)-1)
    81. 

  81.         new_ruid = uid();
    82. 

  82.     if (new_euid == (uid_t)-1)
    83. 

  83.         new_euid = euid();
    84. 

  84. 

  85.     auto ok = [this](uid_t id) { return id == uid() || id == euid() || id == suid(); };
    86. 

  86.     if (!ok(new_ruid) || !ok(new_euid))
    87. 

  87.         return EPERM;
    88. 

  88. 

  89.     if (new_ruid < (uid_t)-1 || new_euid < (uid_t)-1)
    90. 

  90.         return EINVAL;
    91. 

  91. 

  92.     if (euid() != new_euid)
    93. 

  93.         set_dumpable(false);
    94. 

  94. 

  95.     ProtectedDataMutationScope scope { *this };
    96. 

  96.     m_uid = new_ruid;
    97. 

  97.     m_euid = new_euid;
    98. 

  98.     return 0;
    99. 

  99. }
    100. 

  100. 

  101. KResultOr<FlatPtr> Process::sys$setresuid(uid_t new_ruid, uid_t new_euid, uid_t new_suid)
    102. 

  102. {
    103. 

  103.     REQUIRE_PROMISE(id);
    104. 

  104. 

  105.     if (new_ruid == (uid_t)-1)
    106. 

  106.         new_ruid = uid();
    107. 

  107.     if (new_euid == (uid_t)-1)
    108. 

  108.         new_euid = euid();
    109. 

  109.     if (new_suid == (uid_t)-1)
    110. 

  110.         new_suid = suid();
    111. 

  111. 

  112.     auto ok = [this](uid_t id) { return id == uid() || id == euid() || id == suid(); };
    113. 

  113.     if ((!ok(new_ruid) || !ok(new_euid) || !ok(new_suid)) && !is_superuser())
    114. 

  114.         return EPERM;
    115. 

  115. 

  116.     if (euid() != new_euid)
    117. 

  117.         set_dumpable(false);
    118. 

  118. 

  119.     ProtectedDataMutationScope scope { *this };
    120. 

  120.     m_uid = new_ruid;
    121. 

  121.     m_euid = new_euid;
    122. 

  122.     m_suid = new_suid;
    123. 

  123.     return 0;
    124. 

  124. }
    125. 

  125. 

  126. KResultOr<FlatPtr> Process::sys$setresgid(gid_t new_rgid, gid_t new_egid, gid_t new_sgid)
    127. 

  127. {
    128. 

  128.     REQUIRE_PROMISE(id);
    129. 

  129. 

  130.     if (new_rgid == (gid_t)-1)
    131. 

  131.         new_rgid = gid();
    132. 

  132.     if (new_egid == (gid_t)-1)
    133. 

  133.         new_egid = egid();
    134. 

  134.     if (new_sgid == (gid_t)-1)
    135. 

  135.         new_sgid = sgid();
    136. 

  136. 

  137.     auto ok = [this](gid_t id) { return id == gid() || id == egid() || id == sgid(); };
    138. 

  138.     if ((!ok(new_rgid) || !ok(new_egid) || !ok(new_sgid)) && !is_superuser())
    139. 

  139.         return EPERM;
    140. 

  140. 

  141.     if (egid() != new_egid)
    142. 

  142.         set_dumpable(false);
    143. 

  143. 

  144.     ProtectedDataMutationScope scope { *this };
    145. 

  145.     m_gid = new_rgid;
    146. 

  146.     m_egid = new_egid;
    147. 

  147.     m_sgid = new_sgid;
    148. 

  148.     return 0;
    149. 

  149. }
    150. 

  150. 

  151. KResultOr<FlatPtr> Process::sys$setgroups(size_t count, Userspace<const gid_t*> user_gids)
    152. 

  152. {
    153. 

  153.     REQUIRE_PROMISE(id);
    154. 

  154.     if (!is_superuser())
    155. 

  155.         return EPERM;
    156. 

  156. 

  157.     if (!count) {
    158. 

  158.         ProtectedDataMutationScope scope { *this };
    159. 

  159.         m_extra_gids.clear();
    160. 

  160.         return 0;
    161. 

  161.     }
    162. 

  162. 

  163.     Vector<gid_t> new_extra_gids;
    164. 

  164.     if (!new_extra_gids.try_resize(count))
    165. 

  165.         return ENOMEM;
    166. 

  166.     if (!copy_n_from_user(new_extra_gids.data(), user_gids, count))
    167. 

  167.         return EFAULT;
    168. 

  168. 

  169.     HashTable<gid_t> unique_extra_gids;
    170. 

  170.     for (auto& extra_gid : new_extra_gids) {
    171. 

  171.         if (extra_gid != gid())
    172. 

  172.             unique_extra_gids.set(extra_gid);
    173. 

  173.     }
    174. 

  174. 

  175.     ProtectedDataMutationScope scope { *this };
    176. 

  176.     if (!m_extra_gids.try_resize(unique_extra_gids.size()))
    177. 

  177.         return ENOMEM;
    178. 

  178.     size_t i = 0;
    179. 

  179.     for (auto& extra_gid : unique_extra_gids) {
    180. 

  180.         if (extra_gid == gid())
    181. 

  181.             continue;
    182. 

  182.         m_extra_gids[i++] = extra_gid;
    183. 

  183.     }
    184. 

  184.     return 0;
    185. 

  185. }
    186. 

  186. 

  187. }
    188.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5