Browse code

modules/carrierroute fixed permission checking in mod_init

Check the permission of the cfg file based on the user settings passed to the daemon, it it applies

Marius Zbihlei authored on 01/04/2011 14:14:01
Showing 1 changed files
... ...
@@ -40,6 +40,7 @@
40 40
 #include "../../sr_module.h"
41 41
 #include "../../str.h"
42 42
 #include "../../mem/mem.h"
43
+#include "../../ut.h" /* for user2uid() */
43 44
 #include "carrierroute.h"
44 45
 #include "cr_fixup.h"
45 46
 #include "cr_map.h"
... ...
@@ -154,6 +155,8 @@ struct module_exports exports = {
154 155
  */
155 156
 static int mod_init(void) {
156 157
 	struct stat fs;
158
+	extern char* user; /*from main.c*/
159
+	int uid, gid;
157 160
 
158 161
 	if(register_mi_mod(exports.name, mi_cmds)!=0)
159 162
 	{
... ...
@@ -197,9 +200,20 @@ static int mod_init(void) {
197 200
 		if(fs.st_mode & S_IWOTH){
198 201
 			LM_WARN("insecure file permissions, routing data is world writeable\n");
199 202
 		}
203
+
204
+		if (user){
205
+			if (user2uid(&uid, &gid, user)<0){
206
+				LM_ERR("bad user name/uid number: -u %s\n", user);
207
+				return -1;
208
+			}
209
+		} else {
210
+			uid = geteuid();
211
+			gid = getegid();
212
+		}
213
+
200 214
 		if( !( fs.st_mode & S_IWOTH) &&
201
-			!((fs.st_mode & S_IWGRP) && (fs.st_gid == getegid())) &&
202
-			!((fs.st_mode & S_IWUSR) && (fs.st_uid == geteuid())) ) {
215
+			!((fs.st_mode & S_IWGRP) && (fs.st_gid == uid)) &&
216
+			!((fs.st_mode & S_IWUSR) && (fs.st_uid == gid))) {
203 217
 				LM_ERR("config file %s not writable\n", config_file);
204 218
 				return -1;
205 219
 		}