UPDATED: memcached integration with (Open)Solaris privileges

Brad Fitzpatrick brad at danga.com
Tue Jun 17 03:41:26 UTC 2008


Few comments:

* variables named like "pPrivSet" do not match local style.

* large #ifdef'ed out code are generally frowned upon.  Could it be in a
separate file (solaris-priv-drop.c?) which is conditionally compiled and
linked in?  Then the #ifdef segment could be one line.


On Mon, Jun 16, 2008 at 5:13 PM, Glenn Brunette <Glenn.Brunette at sun.com>
wrote:

>
> [Sorry for the re-send.  Not sure what is going on.  Full message
> was in Thunderbird when I sent it...]
>
> All,
>
> Per a suggestion from Brad, I wanted to follow up on my original
> posting with unified diffs for each of the two files modified.  In
> addition, I compiled and tested memcached with these changes on a
> up-to-date (fully patched) Ubuntu Linux (Hardy Heron) system and
> everything worked as expected.  Tests pass on both Solaris and Linux.
>
> During "configure", you will see the following on Linux:
>
> checking for setppriv... no
> checking priv.h usability... no
> checking priv.h presence... no
> checking for priv.h... no
>
> During "configure", you will see the following on Solaris:
>
> checking for setppriv... yes
> checking priv.h usability... yes
> checking priv.h presence... yes
> checking for priv.h... yes
>
> Included below are the unifed diffs...
>
> g
>
> --- BEGIN DIFFS ---
>
> --- memcached-1.2.5/configure.ac        Mon Mar  3 14:59:47 2008
> +++ memcached-1.2.5-priv/configure.ac   Mon Jun  9 10:45:53 2008
> @@ -201,6 +201,8 @@
>  AC_CHECK_FUNCS(mlockall)
>  AC_CHECK_FUNCS(getpagesizes)
>  AC_CHECK_FUNCS(memcntl)
> +AC_CHECK_FUNCS(setppriv)
> +AC_CHECK_HEADER(priv.h, AC_DEFINE(HAVE_PRIV_H,,[do we have priv.h?]))
>
>  AC_CONFIG_FILES(Makefile doc/Makefile)
>  AC_OUTPUT
>
>
>
> --- ./memcached-1.2.5/memcached.c       Mon Mar  3 14:13:45 2008
> +++ ./memcached-1.2.5-priv/memcached.c  Mon Jun  9 13:31:04 2008
> @@ -59,6 +59,10 @@
>  #endif
>  #endif
>
> +#ifdef HAVE_PRIV_H
> +#include <priv.h>
> +#endif /* HAVE_PRIV_H */
> +
>  /*
>  * forward declarations
>  */
> @@ -3044,7 +3048,55 @@
>         }
>     }
>
> +#if defined(HAVE_PRIV_H) && defined(HAVE_SETPPRIV)
>
> +    /* this section of code will drop all (Solaris) privileges including
> those
> +     * normally granted to all userland process (basic privileges). The
> effect
> +     * of this is that after running this code, the process will not able
> to
> +     * fork(), exec(), etc.  See privileges(5) for more information.
> +     */
> +
> +    priv_set_t *pPrivSet = NULL;
> +    priv_set_t *oPrivSet = NULL;
> +
> +    if ((pPrivSet = priv_str_to_set("basic", ",", NULL)) == NULL) {
> +        perror("priv_str_to_set");
> +        exit(EXIT_FAILURE);
> +    }
> +
> +    (void) priv_delset(pPrivSet, PRIV_FILE_LINK_ANY);
> +    (void) priv_delset(pPrivSet, PRIV_PROC_EXEC);
> +    (void) priv_delset(pPrivSet, PRIV_PROC_FORK);
> +    (void) priv_delset(pPrivSet, PRIV_PROC_INFO);
> +    (void) priv_delset(pPrivSet, PRIV_PROC_SESSION);
> +
> +    if (setppriv(PRIV_SET, PRIV_PERMITTED, pPrivSet) != 0) {
> +        perror("setppriv(PRIV_SET, PRIV_PERMITTED)");
> +        exit(EXIT_FAILURE);
> +    }
> +
> +    if ((oPrivSet = priv_allocset()) == NULL) {
> +        perror("priv_allocset");
> +        exit(EXIT_FAILURE);
> +    }
> +
> +    priv_emptyset(oPrivSet);
> +
> +    if (setppriv(PRIV_SET, PRIV_INHERITABLE, oPrivSet) != 0) {
> +        perror("setppriv(PRIV_SET, PRIV_INHERITABLE)");
> +        exit(EXIT_FAILURE);
> +    }
> +
> +    if (setppriv(PRIV_SET, PRIV_LIMIT, oPrivSet) != 0) {
> +        perror("setppriv(PRIV_SET, PRIV_LIMIT)");
> +        exit(EXIT_FAILURE);
> +    }
> +
> +    priv_freeset(pPrivSet);
> +    priv_freeset(oPrivSet);
> +
> +#endif /* defined(HAVE_PRIV_H) && defined(HAVE_SETPPRIV) */
> +
>     /* initialize main thread libevent instance */
>     main_base = event_init();
>
>
> --- END DIFFS ---
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.danga.com/pipermail/memcached/attachments/20080616/08c79153/attachment.htm 


More information about the memcached mailing list