Module: sip-router Branch: 3.1 Commit: 26916560205d294ad09d35166c754516bf122e49 URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=26916560...
Author: Marius Zbihlei marius.zbihlei@1and1.ro Committer: Marius Zbihlei marius.zbihlei@1and1.ro Date: Fri Apr 1 17:14:01 2011 +0300
modules/carrierroute fixed permission checking in mod_init
Check the permission of the cfg file based on the user settings passed to the daemon, it it applies (cherry picked from commit 78f3ede8c89a0456460158157439da90290ee8ad)
---
modules/carrierroute/carrierroute.c | 18 ++++++++++++++++-- 1 files changed, 16 insertions(+), 2 deletions(-)
diff --git a/modules/carrierroute/carrierroute.c b/modules/carrierroute/carrierroute.c index 1a7abe7..3200cb2 100644 --- a/modules/carrierroute/carrierroute.c +++ b/modules/carrierroute/carrierroute.c @@ -40,6 +40,7 @@ #include "../../sr_module.h" #include "../../str.h" #include "../../mem/mem.h" +#include "../../ut.h" /* for user2uid() */ #include "carrierroute.h" #include "cr_fixup.h" #include "cr_map.h" @@ -154,6 +155,8 @@ struct module_exports exports = { */ static int mod_init(void) { struct stat fs; + extern char* user; /*from main.c*/ + int uid, gid;
if(register_mi_mod(exports.name, mi_cmds)!=0) { @@ -197,9 +200,20 @@ static int mod_init(void) { if(fs.st_mode & S_IWOTH){ LM_WARN("insecure file permissions, routing data is world writeable\n"); } + + if (user){ + if (user2uid(&uid, &gid, user)<0){ + LM_ERR("bad user name/uid number: -u %s\n", user); + return -1; + } + } else { + uid = geteuid(); + gid = getegid(); + } + if( !( fs.st_mode & S_IWOTH) && - !((fs.st_mode & S_IWGRP) && (fs.st_gid == getegid())) && - !((fs.st_mode & S_IWUSR) && (fs.st_uid == geteuid())) ) { + !((fs.st_mode & S_IWGRP) && (fs.st_gid == uid)) && + !((fs.st_mode & S_IWUSR) && (fs.st_uid == gid))) { LM_ERR("config file %s not writable\n", config_file); return -1; }
-
Marius Zbihlei