diff options
Diffstat (limited to '')
-rw-r--r-- | src/sledjchisl/sledjchisl.c | 75 |
1 files changed, 55 insertions, 20 deletions
diff --git a/src/sledjchisl/sledjchisl.c b/src/sledjchisl/sledjchisl.c index 850a0c7..05e35a9 100644 --- a/src/sledjchisl/sledjchisl.c +++ b/src/sledjchisl/sledjchisl.c | |||
@@ -7652,24 +7652,57 @@ jit library is loaded or the JIT compiler will not be activated. | |||
7652 | // Sort out directories, part 2 | 7652 | // Sort out directories, part 2 |
7653 | //////////////////////////////////////////////////////////////////////////////////////////////////// | 7653 | //////////////////////////////////////////////////////////////////////////////////////////////////// |
7654 | // Doing this here coz at this point we should be the correct user. | 7654 | // Doing this here coz at this point we should be the correct user. |
7655 | I("Making directories in %s.", scRoot); | 7655 | /* From man 7 inode - |
7656 | if ((! qfile_exist(scBin)) && (! qfile_mkdir(scBin, S_IRUSR | S_IWUSR | S_IXUSR | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", scBin); | 7656 | S_ISUID 04000 set-user-ID bit |
7657 | if ((! qfile_exist(scEtc)) && (! qfile_mkdir(scEtc, S_IRUSR | S_IWUSR | S_IXUSR | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", scEtc); | 7657 | S_ISGID 02000 set-group-ID bit (see below) |
7658 | if ((! qfile_exist(scLib)) && (! qfile_mkdir(scLib, S_IRUSR | S_IWUSR | S_IXUSR | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", scLib); | 7658 | S_ISVTX 01000 sticky bit (see below) |
7659 | if ((! qfile_exist(scRun)) && (! qfile_mkdir(scRun, S_IRUSR | S_IWUSR | S_IXUSR | S_IRGRP | S_IWGRP | S_IXGRP | S_ISGID, true))) C("Unable to create path %s", scRun); | 7659 | |
7660 | if ((! qfile_exist(scBackup)) && (! qfile_mkdir(scBackup, S_IRUSR | S_IWUSR | S_IXUSR | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", scBackup); | 7660 | S_IRWXU 00700 owner has read, write, and execute permission |
7661 | // TODO - the path to scCache/sledjchisl.socket needs to be readable by the www-data group. So the FCGI socket will work. | 7661 | S_IRUSR 00400 owner has read permission |
7662 | // AND it needs to be group sticky on opensimsc group. So the tmux socket will work. | 7662 | S_IWUSR 00200 owner has write permission |
7663 | S_IXUSR 00100 owner has execute permission | ||
7664 | |||
7665 | S_IRWXG 00070 group has read, write, and execute permission | ||
7666 | S_IRGRP 00040 group has read permission | ||
7667 | S_IWGRP 00020 group has write permission | ||
7668 | S_IXGRP 00010 group has execute permission | ||
7669 | |||
7670 | S_IRWXO 00007 others (not in group) have read, write, and execute permission | ||
7671 | S_IROTH 00004 others have read permission | ||
7672 | S_IWOTH 00002 others have write permission | ||
7673 | S_IXOTH 00001 others have execute permission | ||
7674 | |||
7675 | The set-group-ID bit (S_ISGID) has several special uses. For a directory, it indicates that BSD semantics is to be used for that directory: files created there inherit their group | ||
7676 | ID from the directory, not from the effective group ID of the creating process, and directories created there will also get the S_ISGID bit set. For a file that does not have the | ||
7677 | group execution bit (S_IXGRP) set, the set-group-ID bit indicates mandatory file/record locking. | ||
7678 | |||
7679 | The sticky bit (S_ISVTX) on a directory means that a file in that directory can be renamed or deleted only by the owner of the file, by the owner of the directory, | ||
7680 | and by a privileged process | ||
7681 | */ | ||
7682 | V("Making directories in %s.", scRoot); | ||
7683 | if ((! qfile_exist(scBin)) && (! qfile_mkdir(scBin, S_IRWXU | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", scBin); | ||
7684 | if ((! qfile_exist(scEtc)) && (! qfile_mkdir(scEtc, S_IRWXU | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", scEtc); | ||
7685 | if ((! qfile_exist(scLib)) && (! qfile_mkdir(scLib, S_IRWXU | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", scLib); | ||
7686 | if ((! qfile_exist(scBackup)) && (! qfile_mkdir(scBackup, S_IRWXU | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", scBackup); | ||
7687 | // TODO - the path to sledjchisl.socket needs to be readable by the www-data group. So the FCGI socket will work. | ||
7688 | // AND it needs to be group sticky on opensimsc group. So the tmux socket will work. | ||
7663 | // So currently scCache is www-data readable, and scRun is group sticky. | 7689 | // So currently scCache is www-data readable, and scRun is group sticky. |
7664 | if ((! qfile_exist(scCache)) && (! qfile_mkdir(scCache, S_IRUSR | S_IWUSR | S_IXUSR | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", scCache); | 7690 | // Our big problem here is that opensimsc can't set group on it's own directories to www-data if it's not in that group. |
7665 | if ((! qfile_exist(scData)) && (! qfile_mkdir(scData, S_IRUSR | S_IWUSR | S_IXUSR | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", scData); | 7691 | // And that's the only reason we need access to that group. |
7666 | if ((! qfile_exist(scLog)) && (! qfile_mkdir(scLog, S_IRUSR | S_IWUSR | S_IXUSR | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", scLog); | 7692 | // Put both in scRun, and make it other readable? |
7667 | if ((! qfile_exist(scTemp)) && (! qfile_mkdir(scTemp, S_IRUSR | S_IWUSR | S_IXUSR | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", scTemp); | 7693 | // No idea of the SECURITY HOLE that might cause. |
7694 | // DAMMIT! chicken and egg, scRun has to exist before tmux runs, so it can create the socket in there, | ||
7695 | // but we can't create it until tmux runs. | ||
7696 | if ((! qfile_exist(scCache)) && (! qfile_mkdir(scCache, S_IRWXU | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", scCache); | ||
7697 | // if ((! qfile_exist(scRun)) && (! qfile_mkdir(scRun, S_IRWXU | S_IRWXG | S_IROTH | S_IXOTH | S_ISGID, true))) C("Unable to create path %s", scRun); | ||
7698 | if ((! qfile_exist(scData)) && (! qfile_mkdir(scData, S_IRWXU | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", scData); | ||
7699 | if ((! qfile_exist(scLog)) && (! qfile_mkdir(scLog, S_IRWXU | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", scLog); | ||
7700 | if ((! qfile_exist(scTemp)) && (! qfile_mkdir(scTemp, S_IRWXU | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", scTemp); | ||
7668 | tmp = xmprintf("%s/sessions", scCache); | 7701 | tmp = xmprintf("%s/sessions", scCache); |
7669 | if ((! qfile_exist(tmp)) && (! qfile_mkdir(tmp, S_IRUSR | S_IWUSR | S_IXUSR | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", tmp); | 7702 | if ((! qfile_exist(tmp)) && (! qfile_mkdir(tmp, S_IRWXU | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", tmp); |
7670 | free(tmp); | 7703 | free(tmp); |
7671 | tmp = xmprintf("%s/users", scData); | 7704 | tmp = xmprintf("%s/users", scData); |
7672 | if ((! qfile_exist(tmp)) && (! qfile_mkdir(tmp, S_IRUSR | S_IWUSR | S_IXUSR | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", tmp); | 7705 | if ((! qfile_exist(tmp)) && (! qfile_mkdir(tmp, S_IRWXU | S_IRGRP | S_IXGRP, true))) C("Unable to create path %s", tmp); |
7673 | free(tmp); | 7706 | free(tmp); |
7674 | 7707 | ||
7675 | char *newPath = xmprintf("%s/current/bin/sledjchisl", scRoot); | 7708 | char *newPath = xmprintf("%s/current/bin/sledjchisl", scRoot); |
@@ -7901,12 +7934,14 @@ jit library is loaded or the JIT compiler will not be activated. | |||
7901 | { | 7934 | { |
7902 | if (checkSimIsRunning("ROBUST") && (NULL == ourSims->target)) | 7935 | if (checkSimIsRunning("ROBUST") && (NULL == ourSims->target)) |
7903 | { | 7936 | { |
7904 | // TODO - remove this once we handle the fcgi stuff ourselves. | 7937 | // TODO - remove this once we handle the fcgi stuff ourselves. |
7905 | I("Starting the web stuff."); | 7938 | I("Starting the web stuff."); |
7906 | char *c = xmprintf("spawn-fcgi -n -u %s -s %s/sledjchisl.socket -M 0660 -G www-data -- /usr/bin/valgrind --leak-check=full sledjchisl", | 7939 | // Make the FCGI socket world read / write, coz we can't set it to group www-data, since -G only works for root, and we ain't root. |
7907 | scUser, scCache, scRoot); | 7940 | // TODO - BIG SECURITY HOLE??? |
7908 | sendTmuxCmd(Ttab, c); | 7941 | char *c = xmprintf("spawn-fcgi -n -u %s -s %s/sledjchisl.socket -M 0666 -G www-data -- /usr/bin/valgrind --leak-check=full sledjchisl", |
7909 | free(c); | 7942 | scUser, scRun, scRoot); |
7943 | sendTmuxCmd(Ttab, c); | ||
7944 | free(c); | ||
7910 | } | 7945 | } |
7911 | else | 7946 | else |
7912 | I("NOT Starting the web stuff."); | 7947 | I("NOT Starting the web stuff."); |