Changeset View
Changeset View
Standalone View
Standalone View
crypto/openssh/sandbox-capsicum.c
| Show All 9 Lines | |||||
| * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR | ||||
| * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | ||||
| * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||||
| * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||||
| * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||||
| */ | */ | ||||
| #include "includes.h" | #include "includes.h" | ||||
| __RCSID("$FreeBSD$"); | |||||
| #ifdef SANDBOX_CAPSICUM | #ifdef SANDBOX_CAPSICUM | ||||
| #include <sys/types.h> | #include <sys/types.h> | ||||
| #include <sys/param.h> | #include <sys/param.h> | ||||
| #include <sys/time.h> | #include <sys/time.h> | ||||
| #include <sys/resource.h> | #include <sys/resource.h> | ||||
| #include <sys/capsicum.h> | #include <sys/capsicum.h> | ||||
| #include <errno.h> | #include <errno.h> | ||||
| #include <stdarg.h> | #include <stdarg.h> | ||||
| #include <stdio.h> | #include <stdio.h> | ||||
| #include <stdlib.h> | #include <stdlib.h> | ||||
| #include <string.h> | #include <string.h> | ||||
| #include <unistd.h> | #include <unistd.h> | ||||
| #include <capsicum_helpers.h> | |||||
| #include "log.h" | #include "log.h" | ||||
| #include "monitor.h" | #include "monitor.h" | ||||
| #include "ssh-sandbox.h" | #include "ssh-sandbox.h" | ||||
| #include "xmalloc.h" | #include "xmalloc.h" | ||||
| /* | /* | ||||
| * Capsicum sandbox that sets zero nfiles, nprocs and filesize rlimits, | * Capsicum sandbox that sets zero nfiles, nprocs and filesize rlimits, | ||||
| Show All 23 Lines | ssh_sandbox_init(struct monitor *monitor) | ||||
| return box; | return box; | ||||
| } | } | ||||
| void | void | ||||
| ssh_sandbox_child(struct ssh_sandbox *box) | ssh_sandbox_child(struct ssh_sandbox *box) | ||||
| { | { | ||||
| struct rlimit rl_zero; | struct rlimit rl_zero; | ||||
| cap_rights_t rights; | cap_rights_t rights; | ||||
| caph_cache_tzdata(); | |||||
emaste: bugfix to be upstreamed | |||||
| rl_zero.rlim_cur = rl_zero.rlim_max = 0; | rl_zero.rlim_cur = rl_zero.rlim_max = 0; | ||||
| if (setrlimit(RLIMIT_FSIZE, &rl_zero) == -1) | if (setrlimit(RLIMIT_FSIZE, &rl_zero) == -1) | ||||
| fatal("%s: setrlimit(RLIMIT_FSIZE, { 0, 0 }): %s", | fatal("%s: setrlimit(RLIMIT_FSIZE, { 0, 0 }): %s", | ||||
| __func__, strerror(errno)); | __func__, strerror(errno)); | ||||
| #ifndef SANDBOX_SKIP_RLIMIT_NOFILE | #ifndef SANDBOX_SKIP_RLIMIT_NOFILE | ||||
| if (setrlimit(RLIMIT_NOFILE, &rl_zero) == -1) | if (setrlimit(RLIMIT_NOFILE, &rl_zero) == -1) | ||||
| ▲ Show 20 Lines • Show All 43 Lines • Show Last 20 Lines | |||||
bugfix to be upstreamed