Update setuid implementation

gertoe · Jan 10, 2021 · c02d0ea · c02d0ea
1 parent d3ffe61
commit c02d0ea
Show file tree

Hide file tree

Showing 4 changed files with 46 additions and 34 deletions.
diff --git a/libfriidump/dvd_drive.c b/libfriidump/dvd_drive.c
@@ -354,9 +354,11 @@ dvd_drive *dvd_drive_new (char *device, u_int32_t command) {
 	int fd;
 #endif
 
+#ifndef WIN32
 	/* Force the dropping of privileges: in our model, privileges are only used to execute memory dump commands, the user
 	   must gain access to the device somehow else (i. e. get added to the "cdrom" group or similar things) */
 	drop_euid ();
+#endif
 
 	debug ("Trying to open DVD device %s", device);
 #ifdef WIN32
@@ -752,4 +754,4 @@ u_int32_t dvd_get_def_method (dvd_drive *dvd){
 
 u_int32_t dvd_get_command (dvd_drive *dvd){
 	return (dvd -> command);
-}
+}
diff --git a/libfriidump/misc.c b/libfriidump/misc.c
@@ -26,7 +26,7 @@
 #include <string.h>
 #include <ctype.h>
 #include <sys/types.h>
-//#include <sys/time.h>
+#include <sys/time.h>
 #include <time.h>
 
 /*** LOGGING STUFF ***/
@@ -260,55 +260,50 @@ my_off_t my_ftell (FILE* fp) {
 
 
 
-/*** STUFF FOR DROPPING PRIVILEGES ***/
+/*** STUFF FOR DROPPING PRIVILEGES ON POSIX OS ***/
 
 /* WARNING: I'm not sure at all that the privileges-dropping system I have implemented is secure, so don't rely too much on it. */
 
 #ifndef WIN32
-#include <unistd.h>
-#endif
-
 /**
- * Drops privileges to those of the real user (i. e. set euid to ruid).
+ * Drops privileges to those of the real user (i. e. set euid to ruid)
+ * if using setuid privilege escalation as a non-root user.
  */
 void drop_euid () {
-#ifndef WIN32
-	uid_t uid, euid;
+	int status;
 
-	uid = getuid ();
-	euid = geteuid ();
-	if (uid != 0 && uid != euid) {
-#if 1
-		seteuid (uid);
-#else
-		if (seteuid (uid) != 0)
-			debug ("seteuid() to uid %d failed", uid);
-		else
-			debug ("Changed euid from %d to %d", euid, uid);
-#endif
+	if (ruid != 0 && ruid != euid) {
+    status = setreuid (euid, ruid);
+
+		if (status < 0) {
+			debug ("seteuid() to uid %d failed", ruid);
+    }
+		else {
+			debug ("Changed euid from %d to %d", euid, ruid);
+    }
 	}
-#endif
 
 	return;
 }
 
 
 /**
- * Upgrades priviles to those of root (i. e. set euid to 0).
+ * Upgrades priviles to those of root (i. e. set euid to 0)
+ * if using setuid privilege escalation as a non-root user.
  */
 void upgrade_euid () {
-#ifndef WIN32
-	if (getuid () != 0) {
-#if 1
-		seteuid (0);
-#else
-		if (seteuid (0) != 0)
+	int status;
+
+	if (ruid != 0) {
+    status = setreuid (ruid, euid);
+		if (status < 0) {
 			debug ("seteuid() to root failed");
-		else
-			debug ("Changed euid to root");
-#endif
+    }
+		else {
+			debug ("Changed uid to root");
+    }
 	}
-#endif
 
        return;
 }
+#endif
diff --git a/libfriidump/misc.h b/libfriidump/misc.h
@@ -31,7 +31,9 @@
 /*** Windows stuff ***/
 #include "win32compat.h"
 
+#ifndef _GNU_SOURCE
 #define _GNU_SOURCE		// For strndup()
+#endif
 
 #include <stdio.h>
 #include <string.h>
@@ -123,8 +125,16 @@ my_off_t my_ftell (FILE* fp);
 
 
 /*** STUFF FOR DROPPING PRIVILEGES ***/
+#ifndef WIN32
+
+#include <unistd.h>
+
 FRIIDUMPLIB_EXPORT void drop_euid ();
 FRIIDUMPLIB_EXPORT void upgrade_euid ();
+
+/* store real and effective uid */
+static uid_t ruid, euid;
+#endif
 /******/
 
 

diff --git a/src/friidump.c b/src/friidump.c
@@ -54,7 +54,6 @@
 #include <getopt.h>
 #endif
 
-
 /* Struct for program options */
 struct {
 	char *device;
@@ -663,8 +662,14 @@ int main (int argc, char *argv[]) {
 	unscrambler_progress_func pfunc;
 	u_int32_t current_sector;
 
-	/* First of all... */
+#ifndef WIN32
+  /* store real and effective uids */
+	ruid = getuid ();
+	euid = geteuid ();
+
+	/* First of all, drop privileges to real uid... */
 	drop_euid ();
+#endif
 
 	welcome ();