Merge branch 'remove-setuid' of BenBE/htop

This commit is contained in:
Daniel Lange 2021-02-17 17:56:58 +01:00
commit 12c2337939
10 changed files with 15 additions and 90 deletions

View File

@ -63,11 +63,11 @@ jobs:
- name: Bootstrap - name: Bootstrap
run: ./autogen.sh run: ./autogen.sh
- name: Configure - name: Configure
run: ./configure --enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --enable-hwloc --enable-setuid --enable-delayacct --enable-sensors --enable-capabilities run: ./configure --enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --enable-hwloc --enable-delayacct --enable-sensors --enable-capabilities
- name: Build - name: Build
run: make -k run: make -k
- name: Distcheck - name: Distcheck
run: make distcheck DISTCHECK_CONFIGURE_FLAGS='--enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --enable-hwloc --enable-setuid --enable-delayacct --enable-sensors --enable-capabilities' run: make distcheck DISTCHECK_CONFIGURE_FLAGS='--enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --enable-hwloc --enable-delayacct --enable-sensors --enable-capabilities'
build-ubuntu-latest-full-featured-clang: build-ubuntu-latest-full-featured-clang:
runs-on: ubuntu-latest runs-on: ubuntu-latest
@ -85,11 +85,11 @@ jobs:
- name: Bootstrap - name: Bootstrap
run: ./autogen.sh run: ./autogen.sh
- name: Configure - name: Configure
run: ./configure --enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --enable-hwloc --enable-setuid --enable-delayacct --enable-sensors --enable-capabilities run: ./configure --enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --enable-hwloc --enable-delayacct --enable-sensors --enable-capabilities
- name: Build - name: Build
run: make -k run: make -k
- name: Distcheck - name: Distcheck
run: make distcheck DISTCHECK_CONFIGURE_FLAGS='--enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --enable-hwloc --enable-setuid --enable-delayacct --enable-sensors --enable-capabilities' run: make distcheck DISTCHECK_CONFIGURE_FLAGS='--enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --enable-hwloc --enable-delayacct --enable-sensors --enable-capabilities'
build-ubuntu-latest-gcc-static: build-ubuntu-latest-gcc-static:
runs-on: ubuntu-latest runs-on: ubuntu-latest
@ -104,11 +104,11 @@ jobs:
- name: Bootstrap - name: Bootstrap
run: ./autogen.sh run: ./autogen.sh
- name: Configure - name: Configure
run: ./configure --enable-static --enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --disable-hwloc --enable-setuid --disable-delayacct --enable-sensors --enable-capabilities run: ./configure --enable-static --enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --disable-hwloc --disable-delayacct --enable-sensors --enable-capabilities
- name: Build - name: Build
run: make -k run: make -k
- name: Distcheck - name: Distcheck
run: make distcheck DISTCHECK_CONFIGURE_FLAGS='--enable-static --enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --disable-hwloc --enable-setuid --disable-delayacct --enable-sensors --enable-capabilities' run: make distcheck DISTCHECK_CONFIGURE_FLAGS='--enable-static --enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --disable-hwloc --disable-delayacct --enable-sensors --enable-capabilities'
build-ubuntu-latest-clang-analyzer: build-ubuntu-latest-clang-analyzer:
runs-on: ubuntu-latest runs-on: ubuntu-latest
@ -126,7 +126,7 @@ jobs:
- name: Bootstrap - name: Bootstrap
run: ./autogen.sh run: ./autogen.sh
- name: Configure - name: Configure
run: scan-build-11 -analyze-headers --status-bugs ./configure --enable-debug --enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --enable-hwloc --enable-setuid --enable-delayacct --enable-sensors --enable-capabilities run: scan-build-11 -analyze-headers --status-bugs ./configure --enable-debug --enable-werror --enable-openvz --enable-vserver --enable-ancient-vserver --enable-unicode --enable-hwloc --enable-delayacct --enable-sensors --enable-capabilities
- name: Build - name: Build
run: scan-build-11 -analyze-headers --status-bugs make -j"$(nproc)" run: scan-build-11 -analyze-headers --status-bugs make -j"$(nproc)"

31
CRT.c
View File

@ -658,37 +658,6 @@ static void CRT_handleSIGTERM(int sgn) {
_exit(0); _exit(0);
} }
#ifdef HAVE_SETUID_ENABLED
static int CRT_euid = -1;
static int CRT_egid = -1;
void CRT_dropPrivileges() {
CRT_egid = getegid();
CRT_euid = geteuid();
if (setegid(getgid()) == -1) {
CRT_fatalError("Fatal error: failed dropping group privileges");
}
if (seteuid(getuid()) == -1) {
CRT_fatalError("Fatal error: failed dropping user privileges");
}
}
void CRT_restorePrivileges() {
if (CRT_egid == -1 || CRT_euid == -1) {
CRT_fatalError("Fatal error: internal inconsistency");
}
if (setegid(CRT_egid) == -1) {
CRT_fatalError("Fatal error: failed restoring group privileges");
}
if (seteuid(CRT_euid) == -1) {
CRT_fatalError("Fatal error: failed restoring user privileges");
}
}
#endif /* HAVE_SETUID_ENABLED */
#ifndef NDEBUG #ifndef NDEBUG
static int stderrRedirectNewFd = -1; static int stderrRedirectNewFd = -1;

14
CRT.h
View File

@ -160,20 +160,6 @@ extern int CRT_scrollWheelVAmount;
extern ColorScheme CRT_colorScheme; extern ColorScheme CRT_colorScheme;
#ifdef HAVE_SETUID_ENABLED
void CRT_dropPrivileges(void);
void CRT_restorePrivileges(void);
#else /* HAVE_SETUID_ENABLED */
/* Turn setuid operations into NOPs */
static inline void CRT_dropPrivileges(void) { }
static inline void CRT_restorePrivileges(void) { }
#endif /* HAVE_SETUID_ENABLED */
void CRT_init(const Settings* settings, bool allowUnicode); void CRT_init(const Settings* settings, bool allowUnicode);
void CRT_done(void); void CRT_done(void);

View File

@ -8,6 +8,8 @@ What's new in version 3.0.6 (not released yet)
in your htoprc file. Solution: Press I (to invert sort order). in your htoprc file. Solution: Press I (to invert sort order).
This changed setting will be saved by htop on exit as long as it can This changed setting will be saved by htop on exit as long as it can
write to your htoprc file. write to your htoprc file.
* The compile-time option to cater specifically for running htop as
setuid has been removed.
What's new in version 3.0.5 What's new in version 3.0.5

View File

@ -34,9 +34,7 @@ static void EnvScreen_scan(InfoScreen* this) {
Panel_prune(panel); Panel_prune(panel);
CRT_dropPrivileges();
char* env = Platform_getProcessEnv(this->process->pid); char* env = Platform_getProcessEnv(this->process->pid);
CRT_restorePrivileges();
if (env) { if (env) {
for (const char* p = env; *p; p = strrchr(p, 0) + 1) for (const char* p = env; *p; p = strrchr(p, 0) + 1)
InfoScreen_addLine(this, p); InfoScreen_addLine(this, p);

View File

@ -479,10 +479,9 @@ bool Process_isTomb(const Process* this) {
} }
bool Process_setPriority(Process* this, int priority) { bool Process_setPriority(Process* this, int priority) {
CRT_dropPrivileges();
int old_prio = getpriority(PRIO_PROCESS, this->pid); int old_prio = getpriority(PRIO_PROCESS, this->pid);
int err = setpriority(PRIO_PROCESS, this->pid, priority); int err = setpriority(PRIO_PROCESS, this->pid, priority);
CRT_restorePrivileges();
if (err == 0 && old_prio != getpriority(PRIO_PROCESS, this->pid)) { if (err == 0 && old_prio != getpriority(PRIO_PROCESS, this->pid)) {
this->nice = priority; this->nice = priority;
} }
@ -494,10 +493,7 @@ bool Process_changePriorityBy(Process* this, Arg delta) {
} }
bool Process_sendSignal(Process* this, Arg sgn) { bool Process_sendSignal(Process* this, Arg sgn) {
CRT_dropPrivileges(); return kill(this->pid, sgn.i) == 0;
bool ok = (kill(this->pid, sgn.i) == 0);
CRT_restorePrivileges();
return ok;
} }
int Process_pidCompare(const void* v1, const void* v2) { int Process_pidCompare(const void* v1, const void* v2) {

3
README
View File

@ -58,9 +58,6 @@ By default `make install` will install into `/usr/local`, for changing the path
enable hwloc support for CPU affinity; disables Linux affinity enable hwloc support for CPU affinity; disables Linux affinity
dependency: *libhwloc* dependency: *libhwloc*
default: *no* default: *no*
* `--enable-setuid`:
enable setuid support for privilege dropping
default: *no*
* `--enable-static`: * `--enable-static`:
build a static htop binary; hwloc and delay accounting are not supported build a static htop binary; hwloc and delay accounting are not supported
default: *no* default: *no*

View File

@ -125,10 +125,7 @@ static void readFields(ProcessField* fields, uint32_t* flags, const char* line)
} }
static bool Settings_read(Settings* this, const char* fileName, int initialCpuCount) { static bool Settings_read(Settings* this, const char* fileName, int initialCpuCount) {
FILE* fd; FILE* fd = fopen(fileName, "r");
CRT_dropPrivileges();
fd = fopen(fileName, "r");
CRT_restorePrivileges();
if (!fd) if (!fd)
return false; return false;
@ -284,15 +281,10 @@ static void writeMeterModes(Settings* this, FILE* fd, int column) {
} }
bool Settings_write(Settings* this) { bool Settings_write(Settings* this) {
FILE* fd; FILE* fd = fopen(this->filename, "w");
if (fd == NULL)
CRT_dropPrivileges();
fd = fopen(this->filename, "w");
CRT_restorePrivileges();
if (fd == NULL) {
return false; return false;
}
fprintf(fd, "# Beware! This file is rewritten by htop when settings are changed in the interface.\n"); fprintf(fd, "# Beware! This file is rewritten by htop when settings are changed in the interface.\n");
fprintf(fd, "# The parser is also very primitive, and not human-friendly.\n"); fprintf(fd, "# The parser is also very primitive, and not human-friendly.\n");
writeFields(fd, this->fields, "fields"); writeFields(fd, this->fields, "fields");
@ -410,7 +402,6 @@ Settings* Settings_new(int initialCpuCount) {
htopDir = String_cat(home, "/.config/htop"); htopDir = String_cat(home, "/.config/htop");
} }
legacyDotfile = String_cat(home, "/.htoprc"); legacyDotfile = String_cat(home, "/.htoprc");
CRT_dropPrivileges();
(void) mkdir(configDir, 0700); (void) mkdir(configDir, 0700);
(void) mkdir(htopDir, 0700); (void) mkdir(htopDir, 0700);
free(htopDir); free(htopDir);
@ -421,7 +412,6 @@ Settings* Settings_new(int initialCpuCount) {
free(legacyDotfile); free(legacyDotfile);
legacyDotfile = NULL; legacyDotfile = NULL;
} }
CRT_restorePrivileges();
} }
this->colorScheme = 0; this->colorScheme = 0;
this->enableMouse = true; this->enableMouse = true;

View File

@ -87,8 +87,6 @@ bool TraceScreen_forkTracer(TraceScreen* this) {
dup2(fdpair[1], STDERR_FILENO); dup2(fdpair[1], STDERR_FILENO);
close(fdpair[1]); close(fdpair[1]);
CRT_dropPrivileges();
char buffer[32] = {0}; char buffer[32] = {0};
xSnprintf(buffer, sizeof(buffer), "%d", this->super.process->pid); xSnprintf(buffer, sizeof(buffer), "%d", this->super.process->pid);
execlp("strace", "strace", "-T", "-tt", "-s", "512", "-p", buffer, NULL); execlp("strace", "strace", "-T", "-tt", "-s", "512", "-p", buffer, NULL);

View File

@ -316,16 +316,6 @@ case "$enable_hwloc" in
;; ;;
esac esac
AC_ARG_ENABLE([setuid],
[AS_HELP_STRING([--enable-setuid],
[enable setuid support for privilege dropping @<:@default=no@:>@])],
[],
[enable_setuid=no])
if test "x$enable_setuid" = xyes; then
AC_DEFINE([HAVE_SETUID_ENABLED], [1], [Define if setuid support should be enabled.])
fi
# ---------------------------------------------------------------------- # ----------------------------------------------------------------------
@ -628,7 +618,6 @@ AC_MSG_RESULT([
(Linux) capabilities: $enable_capabilities (Linux) capabilities: $enable_capabilities
unicode: $enable_unicode unicode: $enable_unicode
hwloc: $enable_hwloc hwloc: $enable_hwloc
setuid: $enable_setuid
debug: $enable_debug debug: $enable_debug
static: $enable_static static: $enable_static
]) ])