From: itlm019 Date: Sat, 26 Aug 2000 00:12:50 +0000 (+0000) Subject: Dropbox kludge -- fixed file overwrites, I don't plan any more dev. on this. X-Git-Tag: netatalk-1-5-rc1~677 X-Git-Url: https://arthur.barton.de/cgi-bin/gitweb.cgi?a=commitdiff_plain;ds=sidebyside;h=3cc6ca93ec7b173bffbf9c04e30b58a7ce954397;p=netatalk.git Dropbox kludge -- fixed file overwrites, I don't plan any more dev. on this. See docs for details. THERE IS A KNOWN SECURITY HOLE IN THIS KLUDGE WHICH I CAN'T FIGURE OUT HOW TO FIX. --- diff --git a/etc/afpd/file.c b/etc/afpd/file.c index 63a4ce16..c1a56edc 100644 --- a/etc/afpd/file.c +++ b/etc/afpd/file.c @@ -330,7 +330,6 @@ int afp_createfile(obj, ibuf, ibuflen, rbuf, rbuflen ) int creatf, did, openf; u_int16_t vid; - syslog(LOG_INFO, "afp_createfile"); *rbuflen = 0; ibuf++; creatf = (unsigned char) *ibuf++; @@ -422,16 +421,33 @@ you are a developer who wants to try it out and fix it. */ strcpy (adpath, "./.AppleDouble/"); strcat (adpath, path); seteuid(0); /* Become root to change the owner of the file */ - syslog (LOG_INFO, "Changing %s to uid=%d gid=%d", path, sb.st_uid, sb.st_gid); - if (chown(path, sb.st_uid, sb.st_gid)==-1) - syslog (LOG_ERR, "Error changing permissions: %m"); + if (chown(path, sb.st_uid, sb.st_gid) < 0) + { + syslog (LOG_ERR, "Error changing owner/gid: %m"); + return (-1); + } /* In order to write information to the file, the Mac client needs to be able to read from it too, so read bits have to be turned on. Directory permissions remain unchanged */ - chmod(path,(sb.st_mode&0x0FFFF)| S_IRGRP| S_IROTH); - if (chown(adpath, sb.st_uid, sb.st_gid)==-1) - syslog (LOG_ERR, "Error changing AppleDouble permissions: %m"); - syslog (LOG_INFO, "Changing afpd owner back to %d", uid); + stat(upath, &st); + if (chmod(path,(st.st_mode&0x0FFFF)| S_IRGRP| S_IROTH) < 0) + { + syslog (LOG_ERR, "Error adding file read permissions: %m"); + return (-1); + } + else syslog (LOG_DEBUG, "Added S_IRGRP and S_IROTH: %m"); + if (chown(adpath, sb.st_uid, sb.st_gid) < 0) + { + syslog (LOG_ERR, "Error changing AppleDouble owner/gid: %m"); + return (-1); + } + if (chmod(adpath,(st.st_mode&0x0FFFF)| S_IRGRP| S_IROTH) < 0) + { + syslog (LOG_ERR, "Error adding AD file read permissions: %m"); + return (-1); + } + else syslog (LOG_DEBUG, "Added S_IRGRP and S_IROTH to AD: %m"); + syslog (LOG_DEBUG, "Changing afpd owner back to %d", uid); seteuid(uid); /* Restore process ownership to normal */ } } @@ -453,7 +469,6 @@ int afp_setfilparams(obj, ibuf, ibuflen, rbuf, rbuflen ) int did, rc; u_int16_t vid, bitmap; - syslog (LOG_INFO, "afp_setfilparams"); *rbuflen = 0; ibuf += 2; @@ -744,7 +759,6 @@ int afp_copyfile(obj, ibuf, ibuflen, rbuf, rbuflen ) int plen, err; u_int16_t svid, dvid; - syslog(LOG_INFO, "afp_copyfile"); *rbuflen = 0; ibuf += 2; @@ -1128,7 +1142,6 @@ int afp_createid(obj, ibuf, ibuflen, rbuf, rbuflen ) cnid_t did, id; u_short vid; - syslog(LOG_INFO, "afp_createid"); *rbuflen = 0; ibuf += 2; @@ -1218,7 +1231,6 @@ int afp_resolveid(obj, ibuf, ibuflen, rbuf, rbuflen ) cnid_t id; u_int16_t vid, bitmap; - syslog(LOG_INFO, "afp_resolveid"); *rbuflen = 0; ibuf += 2; @@ -1281,7 +1293,6 @@ int afp_deleteid(obj, ibuf, ibuflen, rbuf, rbuflen ) cnid_t id; u_short vid; - syslog(LOG_INFO, "afp_deleteid"); *rbuflen = 0; ibuf += 2; @@ -1359,7 +1370,6 @@ int afp_exchangefiles(obj, ibuf, ibuflen, rbuf, rbuflen ) cnid_t sid, did; u_int16_t vid; - syslog(LOG_INFO, "afp_exchangefiles"); *rbuflen = 0; ibuf += 2; diff --git a/etc/afpd/unix.c b/etc/afpd/unix.c index 121be60c..f960b59e 100644 --- a/etc/afpd/unix.c +++ b/etc/afpd/unix.c @@ -173,6 +173,38 @@ mode_t mtoumode( ma ) return( mode ); } +inline int stickydirmode(name, mode) +char * name; +const mode_t mode; +{ + int uid, retval; + +/* Turn on the sticky bit if this is a drop box */ + retval=0; +#ifdef DROPKLUDGE + if (mode & S_IWOTH) + if (mode & S_IROTH); + else /* if S_IWOTH and not S_IROTH */ + { + uid=geteuid(); + seteuid(0); + if ( retval=chmod( name, (DIRBITS | mode | S_ISVTX)) < 0) + { + syslog( LOG_ERR, "stickydirmode::setdirmode error: chmod %s: %m", name ); + return(-1); + } + else + { + syslog( LOG_DEBUG, "stickydirmode::setdirmode: chmod %s: %m", name ); + seteuid(uid); + } + } + else +#endif DROPKLUDGE + if ( retval=chmod( name, DIRBITS | mode ) < 0 ) + syslog( LOG_DEBUG, "stickydirmode::setdirmode: chmod %s: %m", name ); + return retval; +} int setdeskmode( mode ) const mode_t mode; @@ -273,12 +305,9 @@ int setdirmode( mode, noadouble ) if (S_ISREG(st.st_mode)) { /* XXX: need to preserve special modes */ if (S_ISDIR(st.st_mode)) { - if ( chmod( dirp->d_name, DIRBITS | mode ) < 0 ) { - syslog( LOG_DEBUG, "setdirmode: chmod %s: %m", dirp->d_name ); - } - } else if ( chmod( dirp->d_name, mode ) < 0 ) { - syslog( LOG_DEBUG, "setdirmode: chmod %s: %m", dirp->d_name ); - } + stickydirmode(dirp->d_name, DIRBITS | mode); + } else + stickydirmode(dirp->d_name, mode); } } closedir( dir ); @@ -305,29 +334,22 @@ int setdirmode( mode, noadouble ) } if (S_ISDIR(st.st_mode)) { - if ( chmod(buf, DIRBITS | mode) < 0 ) { - syslog( LOG_DEBUG, "setdirmode: chmod %s: %m", buf ); - } - } else if ( chmod(buf, mode) < 0 ) { - syslog( LOG_DEBUG, "setdirmode: chmod %s: %m", buf ); - } - } + stickydirmode( buf, DIRBITS | mode ); + } else + stickydirmode( buf, mode ); + } /* end for */ closedir( dir ); /* XXX: use special bits to tag directory permissions */ /* XXX: need to preserve special modes */ - if ( chmod( ".AppleDouble", DIRBITS | mode ) < 0 ) { - syslog( LOG_ERR, "setdirmode: chmod .AppleDouble: %m" ); + if ( stickydirmode(".AppleDouble", DIRBITS | mode) < 0 ) return( -1 ); - } setdirmode_noadouble: /* XXX: need to preserve special modes */ - if ( chmod( ".", DIRBITS | mode ) < 0 ) { - syslog( LOG_ERR, "setdirmode: chmod .: %m" ); + if ( stickydirmode(".", DIRBITS | mode) < 0 ) return( -1 ); - } return( 0 ); }