ALT Linux Sisyphus

diff -uprk.orig tcptraceroute-1.5beta6.orig/configure.ac tcptraceroute-1.5beta6/configure.ac

--- tcptraceroute-1.5beta6.orig/configure.ac	2004-12-28 06:40:54 +0300
+++ tcptraceroute-1.5beta6/configure.ac	2005-01-03 19:44:57 +0300
@@ -24,6 +24,7 @@ AC_CHECK_FUNC(gethostbyname, ,[AC_CHECK_
 AC_CHECK_FUNC(socket, ,[AC_CHECK_LIB(socket, socket)])
 AC_CHECK_FUNC(connect, ,[AC_CHECK_LIB(inet, connect)])
 AC_CHECK_FUNC(inet_aton, ,[AC_CHECK_LIB(resolv, inet_aton)])
+AC_CHECK_LIB(cap, cap_from_text, ,[AC_MSG_ERROR([cannot find libcap])])
 
 AC_ARG_WITH(pcap, [],
 	[
diff -uprk.orig tcptraceroute-1.5beta6.orig/droppriv.c tcptraceroute-1.5beta6/droppriv.c
--- tcptraceroute-1.5beta6.orig/droppriv.c	1970-01-01 03:00:00 +0300
+++ tcptraceroute-1.5beta6/droppriv.c	2005-01-03 19:44:57 +0300
@@ -0,0 +1,97 @@
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <stdlib.h>
+#include <error.h>
+#include <errno.h>
+#include <unistd.h>
+#include <pwd.h>
+#include <grp.h>
+
+#include <sys/capability.h>
+#include <sys/prctl.h>
+
+#include "droppriv.h"
+
+uid_t user_uid = -1;
+
+void
+priv_minimize (void)
+{
+	const char *dir = "/var/resolv";
+	cap_t   caps;
+	uid_t uid;
+	gid_t gid;
+
+	user_uid = getuid ();
+	if (user_uid && geteuid())
+		return;
+
+	if (setgroups (0, NULL) < 0)
+		error (EXIT_FAILURE, errno, "setgroups");
+
+	if (prctl (PR_SET_KEEPCAPS, 1))
+		error (EXIT_FAILURE, errno, "prctl (PR_SET_KEEPCAPS, 1) failed");
+
+	if (user_uid == 0)
+	{
+		const char user[] = "iputils";
+		struct passwd *pw = getpwnam (user);
+
+		if (!pw)
+			error (EXIT_FAILURE, 0, "lookup of user \"%s\" failed", user);
+
+		gid = pw->pw_gid;
+		uid = pw->pw_uid;
+		endpwent ();
+
+		if (uid == 0)
+			error (EXIT_FAILURE, 0, "user \"%s\" shouldn't be root", user);
+	} else {
+		uid = user_uid;
+		gid = getgid ();
+	}
+
+	if (chroot (dir) < 0 || chdir ("/") < 0)
+		error (EXIT_FAILURE, errno, "chroot to \"%s\" failed", dir);
+
+	if (setgid (gid) < 0)
+		error (EXIT_FAILURE, errno, "setgid");
+
+	caps = cap_from_text ("cap_setuid,cap_net_raw,cap_net_bind_service=ep");
+	if (!caps)
+		error (EXIT_FAILURE, errno, "cap_from_text failed");
+
+	if (cap_set_proc (caps) < 0)
+		error (EXIT_FAILURE, errno, "cap_set_proc failed");
+
+	cap_free (caps);
+
+	if (setreuid (uid, uid) < 0)
+		error (EXIT_FAILURE, errno, "setreuid");
+
+	caps = cap_from_text ("cap_net_raw,cap_net_bind_service=ep");
+	if (!caps)
+		error (EXIT_FAILURE, errno, "cap_from_text failed");
+
+	if (cap_set_proc (caps) < 0)
+		error (EXIT_FAILURE, errno, "cap_set_proc failed");
+
+	cap_free (caps);
+}
+
+void
+priv_drop (void)
+{
+	cap_t   caps;
+
+	caps = cap_from_text ("all-ep");
+	if (!caps)
+		error (EXIT_FAILURE, errno, "cap_from_text failed");
+
+	if (cap_set_proc (caps) < 0)
+		error (EXIT_FAILURE, errno, "cap_set_proc failed");
+
+	cap_free (caps);
+}
diff -uprk.orig tcptraceroute-1.5beta6.orig/droppriv.h tcptraceroute-1.5beta6/droppriv.h
--- tcptraceroute-1.5beta6.orig/droppriv.h	1970-01-01 03:00:00 +0300
+++ tcptraceroute-1.5beta6/droppriv.h	2005-01-03 19:44:57 +0300
@@ -0,0 +1,12 @@
+#ifndef TCPTRACEROUTE_DROPPRIV_H__
+#define TCPTRACEROUTE_DROPPRIV_H__
+
+#include <sys/types.h>
+
+extern void priv_minimize(void);
+extern void priv_drop(void);
+
+extern uid_t user_uid;
+
+#endif /* TCPTRACEROUTE_DROPPRIV_H__ */
+
diff -uprk.orig tcptraceroute-1.5beta6.orig/main.c tcptraceroute-1.5beta6/main.c
--- tcptraceroute-1.5beta6.orig/main.c	2005-01-03 19:44:26 +0300
+++ tcptraceroute-1.5beta6/main.c	2005-01-03 19:47:27 +0300
@@ -21,6 +21,7 @@
  */
 
 #include "tcptraceroute.h"
+#include "droppriv.h"
 
 /* globals */
 u_long dst_ip, src_ip, isn;
@@ -249,6 +250,8 @@ int main(int argc, char **argv)
 	char *optstring, *s;
 	int op, i, exitcode;
 
+	priv_minimize();
+
 	src_ip	= 0;
 	src_prt = 0;
 	dst_prt	= DEFAULT_PORT;
@@ -450,7 +453,7 @@ int main(int argc, char **argv)
 			case 'P': /* ARG */
 				o_forceport = 1;
 			case 'p': /* ARG */
-				if (getuid()) fatal("Sorry, must be root to use -p\n");
+				if (user_uid) fatal("Sorry, must be root to use -p\n");
 				src_prt = checknumericarg();
 				debug("src_prt set to %d\n", src_prt);
 				break;
@@ -466,7 +469,7 @@ int main(int argc, char **argv)
 				break;
 
 			case 's': /* ARG */
-				if (getuid()) fatal("Sorry, must be root to use -s\n");
+				if (user_uid) fatal("Sorry, must be root to use -s\n");
 				src = optarg;
 				break;
 
@@ -529,13 +532,10 @@ int main(int argc, char **argv)
 			usage(1);
 	}
 
-	if (getuid() & geteuid())
-		fatal("Got root?\n");
-
 	initlibnet();
 	defaults();
 	initcapture();
-	setuid(getuid());
+	priv_drop();
 	exitcode = trace();
 #if (LIBNET_API_VERSION >= 110)
 	libnet_destroy(libnet_context);
diff -uprk.orig tcptraceroute-1.5beta6.orig/Makefile.am tcptraceroute-1.5beta6/Makefile.am
--- tcptraceroute-1.5beta6.orig/Makefile.am	2004-12-28 02:57:56 +0300
+++ tcptraceroute-1.5beta6/Makefile.am	2005-01-03 19:48:23 +0300
@@ -1,5 +1,5 @@
 bin_PROGRAMS = tcptraceroute
-tcptraceroute_SOURCES = main.c datalink.c util.c probe.c capture.c
+tcptraceroute_SOURCES = main.c datalink.c util.c probe.c capture.c droppriv.c
 man_MANS = tcptraceroute.1
 
 docdir = $(datadir)/doc/tcptraceroute

5.1:	1.5-alt5
4.1:	1.5-alt5
4.0:	1.5-alt5
3.0:	1.5-alt1