[monitoring-plugins] Ignore MP_STATE_DIRECTORY in suid plugins

Git Repository git at monitoring-plugins.org
Sat Jan 25 10:40:07 CET 2014

Previous message: [monitoring-plugins] Clean up parse_ini error messages, add missing ...
Next message: [monitoring-plugins] Fix tests with an empty NPTest.cache file
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

 Module: monitoring-plugins
 Branch: master
 Commit: 68fe713335183dd37ced78821711c2a3f1ea2cc7
 Author: Thomas Guyot-Sionnest <dermoth at aei.ca>
   Date: Sat Jan 25 04:22:09 2014 -0500
    URL: https://www.monitoring-plugins.org/repositories/monitoring-plugins/commit/?id=68fe713

Ignore MP_STATE_DIRECTORY in suid plugins

If a plugin still has suid privileges at the time np_enable_state() is
called, the MP_STATE_DIRECTORY environment will be ignored.

There is no need for a NEWS entry as no suid plugins use np_enable_state
yet.

---

 lib/tests/test_utils.c |  4 +++-
 lib/utils_base.c       | 22 ++++++++++++++--------
 lib/utils_base.h       |  4 ++++
 3 files changed, 21 insertions(+), 9 deletions(-)

diff --git a/lib/tests/test_utils.c b/lib/tests/test_utils.c
index 12252f4..8c3ee22 100644
--- a/lib/tests/test_utils.c
+++ b/lib/tests/test_utils.c
@@ -38,7 +38,7 @@ main (int argc, char **argv)
 	state_data *temp_state_data;
 	time_t	current_time;
 
-	plan_tests(150);
+	plan_tests(151);
 
 	ok( this_monitoring_plugin==NULL, "monitoring_plugin not initialised");
 
@@ -440,6 +440,8 @@ main (int argc, char **argv)
 
 	ok( this_monitoring_plugin==NULL, "Free'd this_monitoring_plugin" );
 
+	ok( mp_suid() == FALSE, "test aren't suid" );
+
 	return exit_status();
 }
 
diff --git a/lib/utils_base.c b/lib/utils_base.c
index 304b732..5c838d1 100644
--- a/lib/utils_base.c
+++ b/lib/utils_base.c
@@ -30,6 +30,8 @@
 #include <ctype.h>
 #include <fcntl.h>
 #include <sys/stat.h>
+#include <unistd.h>
+#include <sys/types.h>
 
 #define np_free(ptr) { if(ptr) { free(ptr); ptr = NULL; } }
 
@@ -415,14 +417,18 @@ void _cleanup_state_data() {
 char* _np_state_calculate_location_prefix(){
 	char *env_dir;
 
-	/* FIXME: Undocumented */
-	env_dir = getenv("MP_STATE_DIRECTORY");
-	if(env_dir && env_dir[0] != '\0')
-		return env_dir;
-	/* This is the former ENV, for backward-compatibility */
-	env_dir = getenv("NAGIOS_PLUGIN_STATE_DIRECTORY");
-	if(env_dir && env_dir[0] != '\0')
-		return env_dir;
+	/* Do not allow passing MP_STATE_DIRECTORY in setuid plugins
+	 * for security reasons */
+	if (mp_suid() == FALSE) {
+		/* FIXME: Undocumented */
+		env_dir = getenv("MP_STATE_DIRECTORY");
+		if(env_dir && env_dir[0] != '\0')
+			return env_dir;
+		/* This is the former ENV, for backward-compatibility */
+		env_dir = getenv("NAGIOS_PLUGIN_STATE_DIRECTORY");
+		if(env_dir && env_dir[0] != '\0')
+			return env_dir;
+	}
 
 	return NP_STATE_DIR_PREFIX;
 }
diff --git a/lib/utils_base.h b/lib/utils_base.h
index 86adecf..b4bd92e 100644
--- a/lib/utils_base.h
+++ b/lib/utils_base.h
@@ -102,4 +102,8 @@ void np_init(char *, int argc, char **argv);
 void np_set_args(int argc, char **argv);
 void np_cleanup();
 
+/* mp_suid() returns true if the real and effective uids differs, such as when
+ * running a suid plugin */
+#define mp_suid() (getuid() != geteuid())
+
 #endif /* _UTILS_BASE_ */

Previous message: [monitoring-plugins] Clean up parse_ini error messages, add missing ...
Next message: [monitoring-plugins] Fix tests with an empty NPTest.cache file
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Commits mailing list