diff options
| author | Holger Weiss <holger@zedat.fu-berlin.de> | 2014-06-18 21:22:12 (GMT) |
|---|---|---|
| committer | Holger Weiss <holger@zedat.fu-berlin.de> | 2014-06-18 21:22:12 (GMT) |
| commit | 48025ff39c3a78b7805bf803ac96730cef53e15c (patch) | |
| tree | bbaf7c1147cf8077547bc47d5839a0e058f66765 | |
| parent | 2bf7647be60cd53d9e54fdcf970a90fe08797819 (diff) | |
| download | monitoring-plugins-48025ff.tar.gz | |
lib/parse_ini.c: Drop privileges for reading file
Read the configuration file with privileges temporarily dropped if the
code is used by a setuid plugin.
| -rw-r--r-- | lib/parse_ini.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/lib/parse_ini.c b/lib/parse_ini.c index 447bd45..86b94e7 100644 --- a/lib/parse_ini.c +++ b/lib/parse_ini.c | |||
| @@ -22,6 +22,7 @@ | |||
| 22 | *****************************************************************************/ | 22 | *****************************************************************************/ |
| 23 | 23 | ||
| 24 | #include "common.h" | 24 | #include "common.h" |
| 25 | #include "idpriv.h" | ||
| 25 | #include "utils_base.h" | 26 | #include "utils_base.h" |
| 26 | #include "parse_ini.h" | 27 | #include "parse_ini.h" |
| 27 | 28 | ||
| @@ -118,6 +119,11 @@ np_get_defaults(const char *locator, const char *default_section) | |||
| 118 | FILE *inifile = NULL; | 119 | FILE *inifile = NULL; |
| 119 | np_arg_list *defaults = NULL; | 120 | np_arg_list *defaults = NULL; |
| 120 | np_ini_info i; | 121 | np_ini_info i; |
| 122 | int is_suid_plugin = mp_suid(); | ||
| 123 | |||
| 124 | if (is_suid_plugin && idpriv_temp_drop() == -1) | ||
| 125 | die(STATE_UNKNOWN, _("Cannot drop privileges: %s\n"), | ||
| 126 | strerror(errno)); | ||
| 121 | 127 | ||
| 122 | parse_locator(locator, default_section, &i); | 128 | parse_locator(locator, default_section, &i); |
| 123 | inifile = strcmp(i.file, "-") == 0 ? stdin : fopen(i.file, "r"); | 129 | inifile = strcmp(i.file, "-") == 0 ? stdin : fopen(i.file, "r"); |
| @@ -133,6 +139,10 @@ np_get_defaults(const char *locator, const char *default_section) | |||
| 133 | if (inifile != stdin) | 139 | if (inifile != stdin) |
| 134 | fclose(inifile); | 140 | fclose(inifile); |
| 135 | free(i.stanza); | 141 | free(i.stanza); |
| 142 | if (is_suid_plugin && idpriv_temp_restore() == -1) | ||
| 143 | die(STATE_UNKNOWN, _("Cannot restore privileges: %s\n"), | ||
| 144 | strerror(errno)); | ||
| 145 | |||
| 136 | return defaults; | 146 | return defaults; |
| 137 | } | 147 | } |
| 138 | 148 | ||