UPDATED: memcached integration with (Open)Solaris privileges

Glenn Brunette Glenn.Brunette at Sun.COM
Tue Jun 17 13:27:31 UTC 2008


Absolutely.  I will send out an updated diff once it is available.

g

Brad Fitzpatrick wrote:
> Few comments:
>
> * variables named like "pPrivSet" do not match local style.
>
> * large #ifdef'ed out code is generally frowned upon.  Could it be in a
> separate file (solaris-priv-drop.c?) which is conditionally compiled and
> linked in?  Then the #ifdef segment could be one line.
>
>
> On Mon, Jun 16, 2008 at 5:13 PM, Glenn Brunette <Glenn.Brunette at sun.com>
> wrote:
>
>   
>> [Sorry for the re-send.  Not sure what is going on.  Full message
>> was in Thunderbird when I sent it...]
>>
>> All,
>>
>> Per a suggestion from Brad, I wanted to follow up on my original
>> posting with unified diffs for each of the two files modified.  In
>> addition, I compiled and tested memcached with these changes on an
>> up-to-date (fully patched) Ubuntu Linux (Hardy Heron) system and
>> everything worked as expected.  Tests pass on both Solaris and Linux.
>>
>> During "configure", you will see the following on Linux:
>>
>> checking for setppriv... no
>> checking priv.h usability... no
>> checking priv.h presence... no
>> checking for priv.h... no
>>
>> During "configure", you will see the following on Solaris:
>>
>> checking for setppriv... yes
>> checking priv.h usability... yes
>> checking priv.h presence... yes
>> checking for priv.h... yes
>>
>> Included below are the unified diffs...
>>
>> g
>>
>> --- BEGIN DIFFS ---
>>
>> --- memcached-1.2.5/configure.ac        Mon Mar  3 14:59:47 2008
>> +++ memcached-1.2.5-priv/configure.ac   Mon Jun  9 10:45:53 2008
>> @@ -201,6 +201,8 @@
>>  AC_CHECK_FUNCS(mlockall)
>>  AC_CHECK_FUNCS(getpagesizes)
>>  AC_CHECK_FUNCS(memcntl)
>> +AC_CHECK_FUNCS(setppriv)
>> +AC_CHECK_HEADER(priv.h, AC_DEFINE(HAVE_PRIV_H,,[do we have priv.h?]))
>>
>>  AC_CONFIG_FILES(Makefile doc/Makefile)
>>  AC_OUTPUT
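Review bot: the `AC_CHECK_HEADER(priv.h, AC_DEFINE(HAVE_PRIV_H,,[do we have priv.h?]))` line can be the shorter `AC_CHECK_HEADERS(priv.h)`, which defines HAVE_PRIV_H by itself and matches the AC_CHECK_FUNCS style of the three lines above it. It is also worth deciding what should happen when only one of the two checks succeeds (priv.h present but setppriv missing, or the reverse): memcached.c keys the whole privilege-drop block on both HAVE_PRIV_H and HAVE_SETPPRIV, so such a build silently ships without the drop; an AC_MSG_WARN in that case would make the loss visible at configure time.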
>>
>>
>>
>> --- ./memcached-1.2.5/memcached.c       Mon Mar  3 14:13:45 2008
>> +++ ./memcached-1.2.5-priv/memcached.c  Mon Jun  9 13:31:04 2008
>> @@ -59,6 +59,10 @@
>>  #endif
>>  #endif
>>
>> +#ifdef HAVE_PRIV_H
>> +#include <priv.h>
>> +#endif /* HAVE_PRIV_H */
>> +
>>  /*
>>  * forward declarations
>>  */
>> @@ -3044,7 +3048,55 @@
>>         }
>>     }
>>
>> +#if defined(HAVE_PRIV_H) && defined(HAVE_SETPPRIV)
>>
>> +    /* this section of code will drop all (Solaris) privileges including
>> those
>> +     * normally granted to all userland process (basic privileges). The
>> effect
>> +     * of this is that after running this code, the process will not able
>> to
>> +     * fork(), exec(), etc.  See privileges(5) for more information.
>> +     */
>> +
>> +    priv_set_t *pPrivSet = NULL;
>> +    priv_set_t *oPrivSet = NULL;
>> +
>> +    if ((pPrivSet = priv_str_to_set("basic", ",", NULL)) == NULL) {
>> +        perror("priv_str_to_set");
>> +        exit(EXIT_FAILURE);
>> +    }
>> +
>> +    (void) priv_delset(pPrivSet, PRIV_FILE_LINK_ANY);
>> +    (void) priv_delset(pPrivSet, PRIV_PROC_EXEC);
>> +    (void) priv_delset(pPrivSet, PRIV_PROC_FORK);
>> +    (void) priv_delset(pPrivSet, PRIV_PROC_INFO);
>> +    (void) priv_delset(pPrivSet, PRIV_PROC_SESSION);
>> +
>> +    if (setppriv(PRIV_SET, PRIV_PERMITTED, pPrivSet) != 0) {
>> +        perror("setppriv(PRIV_SET, PRIV_PERMITTED)");
>> +        exit(EXIT_FAILURE);
>> +    }
>> +
>> +    if ((oPrivSet = priv_allocset()) == NULL) {
>> +        perror("priv_allocset");
>> +        exit(EXIT_FAILURE);
>> +    }
>> +
>> +    priv_emptyset(oPrivSet);
>> +
>> +    if (setppriv(PRIV_SET, PRIV_INHERITABLE, oPrivSet) != 0) {
>> +        perror("setppriv(PRIV_SET, PRIV_INHERITABLE)");
>> +        exit(EXIT_FAILURE);
>> +    }
>> +
>> +    if (setppriv(PRIV_SET, PRIV_LIMIT, oPrivSet) != 0) {
>> +        perror("setppriv(PRIV_SET, PRIV_LIMIT)");
>> +        exit(EXIT_FAILURE);
>> +    }
>> +
>> +    priv_freeset(pPrivSet);
>> +    priv_freeset(oPrivSet);
>> +
>> +#endif /* defined(HAVE_PRIV_H) && defined(HAVE_SETPPRIV) */
>> +
>>     /* initialize main thread libevent instance */
>>     main_base = event_init();
>>
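Review bot: the comment says the process can no longer fork() or exec() once this block has run, so its position in main() has to be after daemonization (-d) and after the setuid done for -u, and the three context lines shown here do not make that ordering visible; please confirm it, ideally with a comment at the top of the block. Two smaller points: on Solaris 10 the basic set is exactly file_link_any, proc_exec, proc_fork, proc_info and proc_session, so after the five priv_delset() calls pPrivSet is empty and the block reduces to setting P, I and L (and thereby E) to the empty set; if that is the intent, a single priv_emptyset() and the three setppriv() calls say so more directly, and if the deletions are meant to outlive future additions to "basic" the comment should say that. Finally, `priv_set_t *pPrivSet = NULL;` and the line after it are declarations following statements in the enclosing block, which is C99 only; moving the block into its own function in a separately compiled file (the solaris-priv-drop.c Brad suggested) fixes that as well as the long #ifdef span.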
>>
>> --- END DIFFS ---
>>
>>     
>
>   


