mirror of
https://gitlab.alpinelinux.org/alpine/aports.git
synced 2025-05-12 15:44:35 +02:00
935e7613cf
This commit backports a patch from OpenBSD upstream for increasing resistance to rowhammer attacks. A similar patch has recently been committed to sudo. The patch has not made its way into OpenDoas yet. Unfortunately, OpenDoas development seems to have stalled a bit (last commit was 2 years ago).
73 lines
2.1 KiB
Diff
73 lines
2.1 KiB
Diff
This patch has been taken from OpenBSD upstream, it changes permit bits to make
|
|
them more rowhammer-resistent. A similar patch has also been committed to sudo.
|
|
|
|
The patch has not made its way into OpenDoas yet, but at the time of writting
|
|
OpenDoas upstream is rather stale (last commit was done 2 years ago).
|
|
|
|
See:
|
|
|
|
* https://github.com/openbsd/src/commit/38599afa1d1d1f14a897b01350e8ce94486e1788
|
|
* https://github.com/sudo-project/sudo/commit/7873f8334c8d31031f8cfa83bd97ac6029309e4f
|
|
|
|
diff --git a/doas.c b/doas.c
|
|
index ac3a42a..93f0836 100644
|
|
--- a/doas.c
|
|
+++ b/doas.c
|
|
@@ -148,8 +148,10 @@ permit(uid_t uid, gid_t *groups, int ngroups, const struct rule **lastr,
|
|
*lastr = rules[i];
|
|
}
|
|
if (!*lastr)
|
|
+ return -1;
|
|
+ if ((*lastr)->action == PERMIT)
|
|
return 0;
|
|
- return (*lastr)->action == PERMIT;
|
|
+ return -1;
|
|
}
|
|
|
|
static void
|
|
@@ -184,6 +186,7 @@ checkconfig(const char *confpath, int argc, char **argv,
|
|
uid_t uid, gid_t *groups, int ngroups, uid_t target)
|
|
{
|
|
const struct rule *rule;
|
|
+ int rv;
|
|
|
|
if (setresuid(uid, uid, uid) != 0)
|
|
err(1, "setresuid");
|
|
@@ -191,9 +194,9 @@ checkconfig(const char *confpath, int argc, char **argv,
|
|
parseconfig(confpath, 0);
|
|
if (!argc)
|
|
exit(0);
|
|
-
|
|
- if (permit(uid, groups, ngroups, &rule, target, argv[0],
|
|
- (const char **)argv + 1)) {
|
|
+ rv = permit(uid, groups, ngroups, &rule, target, argv[0],
|
|
+ (const char **)argv + 1);
|
|
+ if (rv == 0) {
|
|
printf("permit%s\n", (rule->options & NOPASS) ? " nopass" : "");
|
|
exit(0);
|
|
} else {
|
|
@@ -342,8 +345,9 @@ main(int argc, char **argv)
|
|
}
|
|
|
|
cmd = argv[0];
|
|
- if (!permit(uid, groups, ngroups, &rule, target, cmd,
|
|
- (const char **)argv + 1)) {
|
|
+ rv = permit(uid, groups, ngroups, &rule, target, cmd,
|
|
+ (const char **)argv + 1);
|
|
+ if (rv != 0) {
|
|
syslog(LOG_AUTHPRIV | LOG_NOTICE,
|
|
"command not permitted for %s: %s", mypw->pw_name, cmdline);
|
|
errc(1, EPERM, NULL);
|
|
diff --git a/doas.h b/doas.h
|
|
index a8aa41b..591816f 100644
|
|
--- a/doas.h
|
|
+++ b/doas.h
|
|
@@ -36,7 +36,7 @@ struct passwd;
|
|
char **prepenv(const struct rule *, const struct passwd *,
|
|
const struct passwd *);
|
|
|
|
-#define PERMIT 1
|
|
+#define PERMIT -1
|
|
#define DENY 2
|
|
|
|
#define NOPASS 0x1
|