diff options
author | OBATA Akio <obache@wizdas.com> | 2020-08-12 17:29:38 +0900 |
---|---|---|
committer | Slávek Banko <slavek.banko@axis.cz> | 2021-02-03 22:36:08 +0100 |
commit | e83b6fdca00dbf4a3b194c29bcc5c22e381f16db (patch) | |
tree | 8f5c7440017c559b4f0e9df13cb632b4ce1f275b | |
parent | a9e9cfcd54baa5bdd71a187c41542888a091f220 (diff) | |
download | tdelibs-e83b6fdca00dbf4a3b194c29bcc5c22e381f16db.tar.gz tdelibs-e83b6fdca00dbf4a3b194c29bcc5c22e381f16db.zip |
Add LOCAL_PEEREID sockopt support for peer socket uid check
It is supported on NetBSD 5 and later.
Signed-off-by: OBATA Akio <obache@wizdas.com>
(cherry picked from commit 7827038ab45c300b86bee1b9fb6cf0f78461c0e7)
-rw-r--r-- | dcop/dcopclient.cpp | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/dcop/dcopclient.cpp b/dcop/dcopclient.cpp index 6a740e2ff..a64a681f9 100644 --- a/dcop/dcopclient.cpp +++ b/dcop/dcopclient.cpp @@ -41,6 +41,7 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. #include <sys/stat.h> #include <sys/file.h> #include <sys/socket.h> +#include <sys/un.h> #include <fcntl.h> #include <unistd.h> @@ -713,10 +714,12 @@ bool DCOPClient::isSuspended() const return !d->notifier->isEnabled(); } -#ifdef SO_PEERCRED +#if defined(SO_PEERCRED) || defined(LOCAL_PEEREID) +#define USE_PEER_IS_US // Check whether the remote end is owned by the same user. static bool peerIsUs(int sockfd) { +#ifdef SO_PEERCRED #if defined(__OpenBSD__) struct sockpeercred cred; #else @@ -726,6 +729,13 @@ static bool peerIsUs(int sockfd) if (getsockopt(sockfd, SOL_SOCKET, SO_PEERCRED, &cred, &siz) != 0) return false; return (cred.uid == getuid()); +#elif defined LOCAL_PEEREID + struct unpcbid cred; + socklen_t siz = sizeof(cred); + if (getsockopt(sockfd, 0, LOCAL_PEEREID, &cred, &siz) != 0 || siz != sizeof(cred)) + return false; + return (cred.unp_euid == geteuid()); +#endif } #else // Check whether the socket is owned by the same user. @@ -871,7 +881,7 @@ bool DCOPClient::attachInternal( bool registerAsAnonymous ) return false; } -#ifdef SO_PEERCRED +#ifdef USE_PEER_IS_US d->foreign_server = !peerIsUs(socket()); #else d->foreign_server = !isServerSocketOwnedByUser(d->serverAddr); |