doczkal / rpms / abrt

Forked from rpms/abrt 4 years ago
Clone

Blame SOURCES/0116-daemon-dbus-allow-only-root-to-create-CCpp-Koops-vmc.patch

a60cd7
From 7417505e1d93cc95ec648b74e3c801bc67aacb9f Mon Sep 17 00:00:00 2001
a60cd7
From: Jakub Filak <jfilak@redhat.com>
a60cd7
Date: Thu, 7 May 2015 11:07:12 +0200
a60cd7
Subject: [ABRT PATCH] daemon, dbus: allow only root to create CCpp, Koops,
a60cd7
 vmcore and xorg
a60cd7
MIME-Version: 1.0
a60cd7
Content-Type: text/plain; charset=UTF-8
a60cd7
Content-Transfer-Encoding: 8bit
a60cd7
a60cd7
Florian Weimer <fweimer@redhat.com>:
a60cd7
    This prevents users from feeding things that are not actually
a60cd7
    coredumps and excerpts from /proc to these analyzers.
a60cd7
a60cd7
    For example, it should not be possible to trigger a rule with
a60cd7
    “EVENT=post-create analyzer=CCpp” using NewProblem
a60cd7
a60cd7
Related: #1212861
a60cd7
a60cd7
Signed-off-by: Jakub Filak <jfilak@redhat.com>
a60cd7
---
a60cd7
 src/daemon/abrt-server.c |  2 +-
a60cd7
 src/dbus/abrt-dbus.c     | 10 +++++++++-
a60cd7
 src/include/libabrt.h    |  2 ++
a60cd7
 src/lib/hooklib.c        | 24 ++++++++++++++++++++++++
a60cd7
 4 files changed, 36 insertions(+), 2 deletions(-)
a60cd7
a60cd7
diff --git a/src/daemon/abrt-server.c b/src/daemon/abrt-server.c
a60cd7
index d3fa1b5..afd9fd3 100644
a60cd7
--- a/src/daemon/abrt-server.c
a60cd7
+++ b/src/daemon/abrt-server.c
a60cd7
@@ -487,7 +487,7 @@ static gboolean key_value_ok(gchar *key, gchar *value)
a60cd7
         }
a60cd7
     }
a60cd7
 
a60cd7
-    return TRUE;
a60cd7
+    return allowed_new_user_problem_entry(client_uid, key, value);
a60cd7
 }
a60cd7
 
a60cd7
 /* Handles a message received from client over socket. */
a60cd7
diff --git a/src/dbus/abrt-dbus.c b/src/dbus/abrt-dbus.c
a60cd7
index 6de15e9..bef95bd 100644
a60cd7
--- a/src/dbus/abrt-dbus.c
a60cd7
+++ b/src/dbus/abrt-dbus.c
a60cd7
@@ -168,6 +168,7 @@ bool allowed_problem_dir(const char *dir_name)
a60cd7
 
a60cd7
 static char *handle_new_problem(GVariant *problem_info, uid_t caller_uid, char **error)
a60cd7
 {
a60cd7
+    char *problem_id = NULL;
a60cd7
     problem_data_t *pd = problem_data_new();
a60cd7
 
a60cd7
     GVariantIter *iter;
a60cd7
@@ -175,6 +176,12 @@ static char *handle_new_problem(GVariant *problem_info, uid_t caller_uid, char *
a60cd7
     gchar *key, *value;
a60cd7
     while (g_variant_iter_loop(iter, "{ss}", &key, &value))
a60cd7
     {
a60cd7
+        if (allowed_new_user_problem_entry(caller_uid, key, value) == false)
a60cd7
+        {
a60cd7
+            *error = xasprintf("You are not allowed to create element '%s' containing '%s'", key, value);
a60cd7
+            goto finito;
a60cd7
+        }
a60cd7
+
a60cd7
         problem_data_add_text_editable(pd, key, value);
a60cd7
     }
a60cd7
 
a60cd7
@@ -189,12 +196,13 @@ static char *handle_new_problem(GVariant *problem_info, uid_t caller_uid, char *
a60cd7
     /* At least it should generate local problem identifier UUID */
a60cd7
     problem_data_add_basics(pd);
a60cd7
 
a60cd7
-    char *problem_id = problem_data_save(pd);
a60cd7
+    problem_id = problem_data_save(pd);
a60cd7
     if (problem_id)
a60cd7
         notify_new_path(problem_id);
a60cd7
     else if (error)
a60cd7
         *error = xasprintf("Cannot create a new problem");
a60cd7
 
a60cd7
+finito:
a60cd7
     problem_data_free(pd);
a60cd7
     return problem_id;
a60cd7
 }
a60cd7
diff --git a/src/include/libabrt.h b/src/include/libabrt.h
a60cd7
index 5bf2397..3749a31 100644
a60cd7
--- a/src/include/libabrt.h
a60cd7
+++ b/src/include/libabrt.h
a60cd7
@@ -51,6 +51,8 @@ char *get_backtrace(const char *dump_dir_name, unsigned timeout_sec, const char
a60cd7
 bool dir_is_in_dump_location(const char *dir_name);
a60cd7
 #define dir_has_correct_permissions abrt_dir_has_correct_permissions
a60cd7
 bool dir_has_correct_permissions(const char *dir_name);
a60cd7
+#define allowed_new_user_problem_entry abrt_allowed_new_user_problem_entry
a60cd7
+bool allowed_new_user_problem_entry(uid_t uid, const char *name, const char *value);
a60cd7
 
a60cd7
 #define g_settings_nMaxCrashReportsSize abrt_g_settings_nMaxCrashReportsSize
a60cd7
 extern unsigned int  g_settings_nMaxCrashReportsSize;
a60cd7
diff --git a/src/lib/hooklib.c b/src/lib/hooklib.c
a60cd7
index 4b20025..8e93663 100644
a60cd7
--- a/src/lib/hooklib.c
a60cd7
+++ b/src/lib/hooklib.c
a60cd7
@@ -483,3 +483,27 @@ bool dir_has_correct_permissions(const char *dir_name)
a60cd7
     }
a60cd7
     return true;
a60cd7
 }
a60cd7
+
a60cd7
+bool allowed_new_user_problem_entry(uid_t uid, const char *name, const char *value)
a60cd7
+{
a60cd7
+    /* Allow root to create everything */
a60cd7
+    if (uid == 0)
a60cd7
+        return true;
a60cd7
+
a60cd7
+    /* Permit non-root users to create everything except: analyzer and type */
a60cd7
+    if (strcmp(name, FILENAME_ANALYZER) != 0
a60cd7
+     && strcmp(name, FILENAME_TYPE) != 0
a60cd7
+     /* compatibility value used in abrt-server */
a60cd7
+     && strcmp(name, "basename") != 0)
a60cd7
+        return true;
a60cd7
+
a60cd7
+    /* Permit non-root users to create all types except: C/C++, Koops, vmcore and xorg */
a60cd7
+     if (strcmp(value, "CCpp") != 0
a60cd7
+      && strcmp(value, "Kerneloops") != 0
a60cd7
+      && strcmp(value, "vmcore") != 0
a60cd7
+      && strcmp(value, "xorg") != 0)
a60cd7
+        return true;
a60cd7
+
a60cd7
+    error_msg("Only root is permitted to create element '%s' containing '%s'", name, value);
a60cd7
+    return false;
a60cd7
+}
a60cd7
-- 
a60cd7
1.8.3.1
a60cd7