From e83b6fdca00dbf4a3b194c29bcc5c22e381f16db Mon Sep 17 00:00:00 2001 From: OBATA Akio Date: Wed, 12 Aug 2020 17:29:38 +0900 Subject: [PATCH] Add LOCAL_PEEREID sockopt support for peer socket uid check It is supported on NetBSD 5 and later. Signed-off-by: OBATA Akio (cherry picked from commit 7827038ab45c300b86bee1b9fb6cf0f78461c0e7) --- dcop/dcopclient.cpp | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/dcop/dcopclient.cpp b/dcop/dcopclient.cpp index 6a740e2ff..a64a681f9 100644 --- a/dcop/dcopclient.cpp +++ b/dcop/dcopclient.cpp @@ -41,6 +41,7 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. #include #include #include +#include #include #include @@ -713,10 +714,12 @@ bool DCOPClient::isSuspended() const return !d->notifier->isEnabled(); } -#ifdef SO_PEERCRED +#if defined(SO_PEERCRED) || defined(LOCAL_PEEREID) +#define USE_PEER_IS_US // Check whether the remote end is owned by the same user. static bool peerIsUs(int sockfd) { +#ifdef SO_PEERCRED #if defined(__OpenBSD__) struct sockpeercred cred; #else @@ -726,6 +729,13 @@ static bool peerIsUs(int sockfd) if (getsockopt(sockfd, SOL_SOCKET, SO_PEERCRED, &cred, &siz) != 0) return false; return (cred.uid == getuid()); +#elif defined LOCAL_PEEREID + struct unpcbid cred; + socklen_t siz = sizeof(cred); + if (getsockopt(sockfd, 0, LOCAL_PEEREID, &cred, &siz) != 0 || siz != sizeof(cred)) + return false; + return (cred.unp_euid == geteuid()); +#endif } #else // Check whether the socket is owned by the same user. @@ -871,7 +881,7 @@ bool DCOPClient::attachInternal( bool registerAsAnonymous ) return false; } -#ifdef SO_PEERCRED +#ifdef USE_PEER_IS_US d->foreign_server = !peerIsUs(socket()); #else d->foreign_server = !isServerSocketOwnedByUser(d->serverAddr);