UPDATED: memcached integration with (Open)Solaris privileges
Glenn Brunette
Glenn.Brunette at Sun.COM
Tue Jun 17 00:13:12 UTC 2008
[Sorry for the re-send. Not sure what is going on. Full message
was in Thunderbird when I sent it...]
All,
Per a suggestion from Brad, I wanted to follow up on my original
posting with unified diffs for each of the two files modified. In
addition, I compiled and tested memcached with these changes on an
up-to-date (fully patched) Ubuntu Linux (Hardy Heron) system and
everything worked as expected. Tests pass on both Solaris and Linux.
During "configure", you will see the following on Linux:
checking for setppriv... no
checking priv.h usability... no
checking priv.h presence... no
checking for priv.h... no
During "configure", you will see the following on Solaris:
checking for setppriv... yes
checking priv.h usability... yes
checking priv.h presence... yes
checking for priv.h... yes
Included below are the unified diffs...
g
--- BEGIN DIFFS ---
--- memcached-1.2.5/configure.ac Mon Mar 3 14:59:47 2008
+++ memcached-1.2.5-priv/configure.ac Mon Jun 9 10:45:53 2008
@@ -201,6 +201,8 @@
AC_CHECK_FUNCS(mlockall)
AC_CHECK_FUNCS(getpagesizes)
AC_CHECK_FUNCS(memcntl)
+AC_CHECK_FUNCS(setppriv)
+AC_CHECK_HEADER(priv.h, AC_DEFINE(HAVE_PRIV_H,,[do we have priv.h?]))
AC_CONFIG_FILES(Makefile doc/Makefile)
AC_OUTPUT
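Review bot: The added `AC_CHECK_HEADER(priv.h, AC_DEFINE(HAVE_PRIV_H,,[do we have priv.h?]))` hand-rolls what `AC_CHECK_HEADERS([priv.h])` already does — that macro defines HAVE_PRIV_H with a standard description on its own — so the line could be reduced to `AC_CHECK_HEADERS([priv.h])`. The `AC_CHECK_FUNCS(setppriv)` probe runs independently of the header probe; memcached.c guards on both macros so this is correct as written, but nesting the function check in the header's action-if-found would make the dependency explicit and avoid a misleading "yes" for setppriv on a system that lacks the header.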
--- ./memcached-1.2.5/memcached.c Mon Mar 3 14:13:45 2008
+++ ./memcached-1.2.5-priv/memcached.c Mon Jun 9 13:31:04 2008
@@ -59,6 +59,10 @@
#endif
#endif
+#ifdef HAVE_PRIV_H
+#include <priv.h>
+#endif /* HAVE_PRIV_H */
+
/*
* forward declarations
*/
@@ -3044,7 +3048,55 @@
}
}
+#if defined(HAVE_PRIV_H) && defined(HAVE_SETPPRIV)
+ /* this section of code will drop all (Solaris) privileges
including those
+ * normally granted to all userland process (basic privileges).
The effect
+ * of this is that after running this code, the process will not
able to
+ * fork(), exec(), etc. See privileges(5) for more information.
+ */
+
+ priv_set_t *pPrivSet = NULL;
+ priv_set_t *oPrivSet = NULL;
+
+ if ((pPrivSet = priv_str_to_set("basic", ",", NULL)) == NULL) {
+ perror("priv_str_to_set");
+ exit(EXIT_FAILURE);
+ }
+
+ (void) priv_delset(pPrivSet, PRIV_FILE_LINK_ANY);
+ (void) priv_delset(pPrivSet, PRIV_PROC_EXEC);
+ (void) priv_delset(pPrivSet, PRIV_PROC_FORK);
+ (void) priv_delset(pPrivSet, PRIV_PROC_INFO);
+ (void) priv_delset(pPrivSet, PRIV_PROC_SESSION);
+
+ if (setppriv(PRIV_SET, PRIV_PERMITTED, pPrivSet) != 0) {
+ perror("setppriv(PRIV_SET, PRIV_PERMITTED)");
+ exit(EXIT_FAILURE);
+ }
+
+ if ((oPrivSet = priv_allocset()) == NULL) {
+ perror("priv_allocset");
+ exit(EXIT_FAILURE);
+ }
+
+ priv_emptyset(oPrivSet);
+
+ if (setppriv(PRIV_SET, PRIV_INHERITABLE, oPrivSet) != 0) {
+ perror("setppriv(PRIV_SET, PRIV_INHERITABLE)");
+ exit(EXIT_FAILURE);
+ }
+
+ if (setppriv(PRIV_SET, PRIV_LIMIT, oPrivSet) != 0) {
+ perror("setppriv(PRIV_SET, PRIV_LIMIT)");
+ exit(EXIT_FAILURE);
+ }
+
+ priv_freeset(pPrivSet);
+ priv_freeset(oPrivSet);
+
+#endif /* defined(HAVE_PRIV_H) && defined(HAVE_SETPPRIV) */
+
/* initialize main thread libevent instance */
main_base = event_init();
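Review bot: After the new `#if defined(HAVE_PRIV_H) && defined(HAVE_SETPPRIV)` block, the process has no PRIV_PROC_FORK or PRIV_PROC_EXEC and, because the limit set is emptied, cannot regain any privilege outside the trimmed basic set, yet the block sits right before `main_base = event_init()` with no statement of what must already have happened; any later step in this function that still needs such a privilege — a fork() for daemonizing, or bind() on a port below 1024, since net_privaddr is not in "basic" — would fail with nothing pointing at this block as the cause. The enclosing function starts outside the hunk, so I cannot tell whether daemonization and listening-socket setup precede this point; if they do not, the block should move below them, and either way the comment should state the precondition, e.g. `/* Must run after the last fork()/exec() and after every privileged bind(); nothing past this point may require a non-basic privilege. */`. Two minor points: the `perror`/`exit` paths leave pPrivSet allocated (harmless at exit, but a single cleanup label with `priv_freeset` would keep the error handling uniform), and the camel-case `pPrivSet`/`oPrivSet` clash with the snake_case locals used elsewhere in this file. The pasted patch also has its comment lines wrapped by the mailer, so it will not apply with `patch` until those lines are rejoined.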
--- END DIFFS ---