diff options
author | Samuel Mendoza-Jonas <sam@mendozajonas.com> | 2018-06-19 16:50:28 +1000 |
---|---|---|
committer | Samuel Mendoza-Jonas <sam@mendozajonas.com> | 2018-12-03 14:39:57 +1100 |
commit | 336f4eb17fb50526ea9fda82262356581e1b9ae0 (patch) | |
tree | 0a0b0fc427646d6ccd39f9baf209e62bfd40eb23 /discover/user-event.c | |
parent | de6f6c4bff7d42f63e2bbd01d2bab65ae9635877 (diff) | |
download | talos-petitboot-336f4eb17fb50526ea9fda82262356581e1b9ae0.tar.gz talos-petitboot-336f4eb17fb50526ea9fda82262356581e1b9ae0.zip |
discover/discover-server: Restrict clients based on uid
If crypt support is enabled restrict what actions clients can perform by
default. Initial authorisation is set at connection time; clients
running as root are unrestricted, anything else runs as restricted until
it makes an authentication to pb-discover.
Unprivileged clients may only perform the following actions:
- Boot the default boot option.
- Cancel the autoboot timeout.
- Make an authentication request.
If a group named "petitgroup" exists then the socket permissions are
also modified so that only clients running as root or in that group may
connect to the socket.
The user-event socket is only usable by root since the two main
usecases are by utilities called by pb-discover or by a user in the
shell who will need to su to root anyway.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
Diffstat (limited to 'discover/user-event.c')
-rw-r--r-- | discover/user-event.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/discover/user-event.c b/discover/user-event.c index 734f77b..d3d4a5e 100644 --- a/discover/user-event.c +++ b/discover/user-event.c @@ -24,6 +24,7 @@ #include <errno.h> #include <string.h> #include <sys/socket.h> +#include <sys/stat.h> #include <sys/types.h> #include <sys/un.h> @@ -507,7 +508,7 @@ static int user_event_boot(struct user_event *uev, struct event *event) cmd->boot_args = talloc_strdup(cmd, event_get_param(event, "args")); } - device_handler_boot(handler, cmd); + device_handler_boot(handler, false, cmd); talloc_free(cmd); @@ -749,6 +750,10 @@ struct user_event *user_event_init(struct device_handler *handler, strerror(errno)); } + /* Don't allow events from non-priviledged users */ + chown(PBOOT_USER_EVENT_SOCKET, 0, 0); + chmod(PBOOT_USER_EVENT_SOCKET, 0660); + waiter_register_io(waitset, uev->socket, WAIT_IN, user_event_process, uev); |