From 68fe713335183dd37ced78821711c2a3f1ea2cc7 Mon Sep 17 00:00:00 2001
From: Thomas Guyot-Sionnest <dermoth@aei.ca>
Date: Sat, 25 Jan 2014 04:22:09 -0500
Subject: Ignore MP_STATE_DIRECTORY in suid plugins

If a plugin still has suid privileges at the time np_enable_state() is
called, the MP_STATE_DIRECTORY environment will be ignored.

There is no need for a NEWS entry as no suid plugins use np_enable_state
yet.

diff --git a/lib/tests/test_utils.c b/lib/tests/test_utils.c
index 12252f4..8c3ee22 100644
--- a/lib/tests/test_utils.c
+++ b/lib/tests/test_utils.c
@@ -38,7 +38,7 @@ main (int argc, char **argv)
 	state_data *temp_state_data;
 	time_t	current_time;
 
-	plan_tests(150);
+	plan_tests(151);
 
 	ok( this_monitoring_plugin==NULL, "monitoring_plugin not initialised");
 
@@ -440,6 +440,8 @@ main (int argc, char **argv)
 
 	ok( this_monitoring_plugin==NULL, "Free'd this_monitoring_plugin" );
 
+	ok( mp_suid() == FALSE, "test aren't suid" );
+
 	return exit_status();
 }
 
diff --git a/lib/utils_base.c b/lib/utils_base.c
index 304b732..5c838d1 100644
--- a/lib/utils_base.c
+++ b/lib/utils_base.c
@@ -30,6 +30,8 @@
 #include <ctype.h>
 #include <fcntl.h>
 #include <sys/stat.h>
+#include <unistd.h>
+#include <sys/types.h>
 
 #define np_free(ptr) { if(ptr) { free(ptr); ptr = NULL; } }
 
@@ -415,14 +417,18 @@ void _cleanup_state_data() {
 char* _np_state_calculate_location_prefix(){
 	char *env_dir;
 
-	/* FIXME: Undocumented */
-	env_dir = getenv("MP_STATE_DIRECTORY");
-	if(env_dir && env_dir[0] != '\0')
-		return env_dir;
-	/* This is the former ENV, for backward-compatibility */
-	env_dir = getenv("NAGIOS_PLUGIN_STATE_DIRECTORY");
-	if(env_dir && env_dir[0] != '\0')
-		return env_dir;
+	/* Do not allow passing MP_STATE_DIRECTORY in setuid plugins
+	 * for security reasons */
+	if (mp_suid() == FALSE) {
+		/* FIXME: Undocumented */
+		env_dir = getenv("MP_STATE_DIRECTORY");
+		if(env_dir && env_dir[0] != '\0')
+			return env_dir;
+		/* This is the former ENV, for backward-compatibility */
+		env_dir = getenv("NAGIOS_PLUGIN_STATE_DIRECTORY");
+		if(env_dir && env_dir[0] != '\0')
+			return env_dir;
+	}
 
 	return NP_STATE_DIR_PREFIX;
 }
diff --git a/lib/utils_base.h b/lib/utils_base.h
index 86adecf..b4bd92e 100644
--- a/lib/utils_base.h
+++ b/lib/utils_base.h
@@ -102,4 +102,8 @@ void np_init(char *, int argc, char **argv);
 void np_set_args(int argc, char **argv);
 void np_cleanup();
 
+/* mp_suid() returns true if the real and effective uids differs, such as when
+ * running a suid plugin */
+#define mp_suid() (getuid() != geteuid())
+
 #endif /* _UTILS_BASE_ */
-- 
cgit v0.10-9-g596f