search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
2002-04-24 Marcus Brinkmann <marcus@g10code.de>
[gnupg.git] / common / sysutils.c
blob6eb40b125fc487a6807da5bca5c1a03b33048c34
1 /* sysutils.c - system helpers
2 * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
3 *
4 * This file is part of GnuPG.
5 *
6 * GnuPG is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
10 *
11 * GnuPG is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
19 */
20
21 #include <config.h>
22 #include <stdio.h>
23 #include <stdlib.h>
24 #include <string.h>
25 #include <unistd.h>
26 #include <errno.h>
27 #ifdef HAVE_STAT
28 #include <sys/stat.h>
29 #endif
30 #if defined(__linux__) && defined(__alpha__) && __GLIBC__ < 2
31 #include <asm/sysinfo.h>
32 #include <asm/unistd.h>
33 #endif
34 #ifdef HAVE_SETRLIMIT
35 #include <time.h>
36 #include <sys/time.h>
37 #include <sys/resource.h>
38 #endif
39 #include "util.h"
40 #include "i18n.h"
41
42 #include "sysutils.h"
43
44 #if defined(__linux__) && defined(__alpha__) && __GLIBC__ < 2
45 #warning using trap_unaligned
46 static int
47 setsysinfo(unsigned long op, void *buffer, unsigned long size,
48 int *start, void *arg, unsigned long flag)
49 {
50 return syscall(__NR_osf_setsysinfo, op, buffer, size, start, arg, flag);
51 }
52
53 void
54 trap_unaligned(void)
55 {
56 unsigned int buf[2];
57
58 buf[0] = SSIN_UACPROC;
59 buf[1] = UAC_SIGBUS | UAC_NOPRINT;
60 setsysinfo(SSI_NVPAIRS, buf, 1, 0, 0, 0);
61 }
62 #else
63 void
64 trap_unaligned(void)
65 { /* dummy */
66 }
67 #endif
68
69
70 int
71 disable_core_dumps (void)
72 {
73 #ifdef HAVE_DOSISH_SYSTEM
74 return 0;
75 #else
76 #ifdef HAVE_SETRLIMIT
77 struct rlimit limit;
78
79 limit.rlim_cur = 0;
80 limit.rlim_max = 0;
81 if( !setrlimit( RLIMIT_CORE, &limit ) )
82 return 0;
83 if( errno != EINVAL && errno != ENOSYS )
84 log_fatal (_("can't disable core dumps: %s\n"), strerror(errno) );
85 #endif
86 return 1;
87 #endif
88 }
89
90
91
92 /* Return a string which is used as a kind of process ID */
93 const byte *
94 get_session_marker( size_t *rlen )
95 {
96 static byte marker[SIZEOF_UNSIGNED_LONG*2];
97 static int initialized;
98
99 if ( !initialized ) {
100 volatile ulong aa, bb; /* we really want the uninitialized value */
101 ulong a, b;
102
103 initialized = 1;
104 /* also this marker is guessable it is not easy to use this
105 * for a faked control packet because an attacker does not
106 * have enough control about the time the verification does
107 * take place. Of course, we can add just more random but
108 * than we need the random generator even for verification
109 * tasks - which does not make sense. */
110 a = aa ^ (ulong)getpid();
111 b = bb ^ (ulong)time(NULL);
112 memcpy( marker, &a, SIZEOF_UNSIGNED_LONG );
113 memcpy( marker+SIZEOF_UNSIGNED_LONG, &b, SIZEOF_UNSIGNED_LONG );
114 }
115 *rlen = sizeof(marker);
116 return marker;
117 }
118
119
120 #if 0 /* not yet needed */
121 int
122 check_permissions(const char *path,int extension,int checkonly)
123 {
124 #if defined(HAVE_STAT) && !defined(HAVE_DOSISH_SYSTEM)
125 char *tmppath;
126 struct stat statbuf;
127 int ret=1;
128 int isdir=0;
129
130 if(opt.no_perm_warn)
131 return 0;
132
133 if(extension && path[0]!=DIRSEP_C)
134 {
135 if(strchr(path,DIRSEP_C))
136 tmppath=make_filename(path,NULL);
137 else
138 tmppath=make_filename(GNUPG_LIBDIR,path,NULL);
139 }
140 else
141 tmppath=m_strdup(path);
142
143 /* It's okay if the file doesn't exist */
144 if(stat(tmppath,&statbuf)!=0)
145 {
146 ret=0;
147 goto end;
148 }
149
150 isdir=S_ISDIR(statbuf.st_mode);
151
152 /* Per-user files must be owned by the user. Extensions must be
153 owned by the user or root. */
154 if((!extension && statbuf.st_uid != getuid()) ||
155 (extension && statbuf.st_uid!=0 && statbuf.st_uid!=getuid()))
156 {
157 if(!checkonly)
158 log_info(_("Warning: unsafe ownership on %s \"%s\"\n"),
159 isdir?"directory":extension?"extension":"file",path);
160 goto end;
161 }
162
163 /* This works for both directories and files - basically, we don't
164 care what the owner permissions are, so long as the group and
165 other permissions are 0 for per-user files, and non-writable for
166 extensions. */
167 if((extension && (statbuf.st_mode & (S_IWGRP|S_IWOTH)) !=0) ||
168 (!extension && (statbuf.st_mode & (S_IRWXG|S_IRWXO)) != 0))
169 {
170 char *dir;
171
172 /* However, if the directory the directory/file is in is owned
173 by the user and is 700, then this is not a problem.
174 Theoretically, we could walk this test up to the root
175 directory /, but for the sake of sanity, I'm stopping at one
176 level down. */
177
178 dir= make_dirname (tmppath);
179 if(stat(dir,&statbuf)==0 && statbuf.st_uid==getuid() &&
180 S_ISDIR(statbuf.st_mode) && (statbuf.st_mode & (S_IRWXG|S_IRWXO))==0)
181 {
182 xfree (dir);
183 ret=0;
184 goto end;
185 }
186
187 m_free(dir);
188
189 if(!checkonly)
190 log_info(_("Warning: unsafe permissions on %s \"%s\"\n"),
191 isdir?"directory":extension?"extension":"file",path);
192 goto end;
193 }
194
195 ret=0;
196
197 end:
198 m_free(tmppath);
199
200 return ret;
201
202 #endif /* HAVE_STAT && !HAVE_DOSISH_SYSTEM */
203
204 return 0;
205 }
206 #endif
gnupg svn clone