From 17cdbe0ad2d0aa563e269cd23c770c75b312bbcb Mon Sep 17 00:00:00 2001 From: Kenny Levinsen Date: Wed, 8 Sep 2021 20:40:09 +0200 Subject: seatd-launch: Set socket permissions directly Instead of relying on seatd's user/group arguments, which require turning our UID back into a username, just chmod/chown the socket ourselves once seatd is ready. We also reduce the permissions to just user access, instead of user and group like seatd specifies. --- seatd-launch/seatd-launch.c | 46 +++++++++++++++++++++++++-------------------- 1 file changed, 26 insertions(+), 20 deletions(-) (limited to 'seatd-launch/seatd-launch.c') diff --git a/seatd-launch/seatd-launch.c b/seatd-launch/seatd-launch.c index 9fd3f23..f7ed482 100644 --- a/seatd-launch/seatd-launch.c +++ b/seatd-launch/seatd-launch.c @@ -1,13 +1,12 @@ #include #include -#include #include #include #include #include #include #include -#include +#include #include #include @@ -66,29 +65,13 @@ int main(int argc, char *argv[]) { char pipebuf[8]; sprintf(pipebuf, "%d", fds[1]); - struct passwd *user = getpwuid(getuid()); - if (!user) { - perror("getpwuid failed"); - _exit(1); - } - - // TODO: Make seatd accept the numeric UID - execlp("seatd", "seatd", "-n", pipebuf, "-u", user->pw_name, "-s", sockpath, NULL); + execlp("seatd", "seatd", "-n", pipebuf, "-s", sockpath, NULL); perror("Could not start seatd"); _exit(1); } close(fds[1]); - // Drop privileges - if (setgid(getgid()) == -1) { - perror("Could not set gid to drop privileges"); - goto error_seatd; - } - if (setuid(getuid()) == -1) { - perror("Could not set uid to drop privileges"); - goto error_seatd; - } - + // Wait for seatd to be ready char buf[1] = {0}; while (true) { pid_t p = waitpid(seatd_child, NULL, WNOHANG); @@ -127,6 +110,29 @@ int main(int argc, char *argv[]) { } close(fds[0]); + uid_t uid = getuid(); + gid_t gid = getgid(); + + // Restrict access to the socket to just us + if (chown(sockpath, uid, gid) == -1) { + perror("Could not chown seatd socket"); + goto error_seatd; + } + if (chmod(sockpath, 0700) == -1) { + perror("Could not chmod socket"); + goto error; + } + + // Drop privileges + if (setgid(gid) == -1) { + perror("Could not set gid to drop privileges"); + goto error_seatd; + } + if (setuid(uid) == -1) { + perror("Could not set uid to drop privileges"); + goto error_seatd; + } + pid_t child = fork(); if (child == -1) { perror("Could not fork target process"); -- cgit v1.2.3