diff options
| author | Colin Watson <cjwatson@debian.org> | 2012-05-26 01:44:40 +0100 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2012-05-26 01:44:40 +0100 |
| commit | 15784261dfaece73ef53f5beb5d3917a95dc1ae4 (patch) | |
| tree | c39ee6c8ff10efca0e0060d6db07780667832eeb /sandbox-rlimit.c | |
| parent | 9fce61538243d8d04d6cf174e118df6c4ece351d (diff) | |
Add a sandbox fallback mechanism, so that behaviour on Linux depends on
whether the running system's kernel has seccomp_filter support, not the
build system's kernel (forwarded upstream as
https://bugzilla.mindrot.org/show_bug.cgi?id=2011).
Diffstat (limited to 'sandbox-rlimit.c')
| -rw-r--r-- | sandbox-rlimit.c | 52 |
1 files changed, 41 insertions, 11 deletions
diff --git a/sandbox-rlimit.c b/sandbox-rlimit.c index 761e9284f..bfd1d446e 100644 --- a/sandbox-rlimit.c +++ b/sandbox-rlimit.c | |||
| @@ -17,9 +17,12 @@ | |||
| 17 | 17 | ||
| 18 | #include "includes.h" | 18 | #include "includes.h" |
| 19 | 19 | ||
| 20 | #include <sys/types.h> | ||
| 21 | |||
| 22 | #include "ssh-sandbox.h" | ||
| 23 | |||
| 20 | #ifdef SANDBOX_RLIMIT | 24 | #ifdef SANDBOX_RLIMIT |
| 21 | 25 | ||
| 22 | #include <sys/types.h> | ||
| 23 | #include <sys/param.h> | 26 | #include <sys/param.h> |
| 24 | #include <sys/time.h> | 27 | #include <sys/time.h> |
| 25 | #include <sys/resource.h> | 28 | #include <sys/resource.h> |
| @@ -32,7 +35,6 @@ | |||
| 32 | #include <unistd.h> | 35 | #include <unistd.h> |
| 33 | 36 | ||
| 34 | #include "log.h" | 37 | #include "log.h" |
| 35 | #include "ssh-sandbox.h" | ||
| 36 | #include "xmalloc.h" | 38 | #include "xmalloc.h" |
| 37 | 39 | ||
| 38 | /* Minimal sandbox that sets zero nfiles, nprocs and filesize rlimits */ | 40 | /* Minimal sandbox that sets zero nfiles, nprocs and filesize rlimits */ |
| @@ -41,8 +43,14 @@ struct ssh_sandbox { | |||
| 41 | pid_t child_pid; | 43 | pid_t child_pid; |
| 42 | }; | 44 | }; |
| 43 | 45 | ||
| 44 | struct ssh_sandbox * | 46 | static int |
| 45 | ssh_sandbox_init(void) | 47 | sandbox_rlimit_probe(void) |
| 48 | { | ||
| 49 | return 1; | ||
| 50 | } | ||
| 51 | |||
| 52 | static void * | ||
| 53 | sandbox_rlimit_init(void) | ||
| 46 | { | 54 | { |
| 47 | struct ssh_sandbox *box; | 55 | struct ssh_sandbox *box; |
| 48 | 56 | ||
| @@ -57,8 +65,8 @@ ssh_sandbox_init(void) | |||
| 57 | return box; | 65 | return box; |
| 58 | } | 66 | } |
| 59 | 67 | ||
| 60 | void | 68 | static void |
| 61 | ssh_sandbox_child(struct ssh_sandbox *box) | 69 | sandbox_rlimit_child(void *vbox) |
| 62 | { | 70 | { |
| 63 | struct rlimit rl_zero; | 71 | struct rlimit rl_zero; |
| 64 | 72 | ||
| @@ -77,17 +85,39 @@ ssh_sandbox_child(struct ssh_sandbox *box) | |||
| 77 | #endif | 85 | #endif |
| 78 | } | 86 | } |
| 79 | 87 | ||
| 80 | void | 88 | static void |
| 81 | ssh_sandbox_parent_finish(struct ssh_sandbox *box) | 89 | sandbox_rlimit_parent_finish(void *vbox) |
| 82 | { | 90 | { |
| 83 | free(box); | 91 | free(vbox); |
| 84 | debug3("%s: finished", __func__); | 92 | debug3("%s: finished", __func__); |
| 85 | } | 93 | } |
| 86 | 94 | ||
| 87 | void | 95 | static void |
| 88 | ssh_sandbox_parent_preauth(struct ssh_sandbox *box, pid_t child_pid) | 96 | sandbox_rlimit_parent_preauth(void *vbox, pid_t child_pid) |
| 89 | { | 97 | { |
| 98 | struct ssh_sandbox *box = vbox; | ||
| 99 | |||
| 90 | box->child_pid = child_pid; | 100 | box->child_pid = child_pid; |
| 91 | } | 101 | } |
| 92 | 102 | ||
| 103 | Sandbox ssh_sandbox_rlimit = { | ||
| 104 | "rlimit", | ||
| 105 | sandbox_rlimit_probe, | ||
| 106 | sandbox_rlimit_init, | ||
| 107 | sandbox_rlimit_child, | ||
| 108 | sandbox_rlimit_parent_finish, | ||
| 109 | sandbox_rlimit_parent_preauth | ||
| 110 | }; | ||
| 111 | |||
| 112 | #else /* !SANDBOX_RLIMIT */ | ||
| 113 | |||
| 114 | Sandbox ssh_sandbox_rlimit = { | ||
| 115 | "rlimit", | ||
| 116 | NULL, | ||
| 117 | NULL, | ||
| 118 | NULL, | ||
| 119 | NULL, | ||
| 120 | NULL | ||
| 121 | }; | ||
| 122 | |||
| 93 | #endif /* SANDBOX_RLIMIT */ | 123 | #endif /* SANDBOX_RLIMIT */ |