lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 20 Mar 2014 15:11:48 +0530
From:	Janani Venkataraman <jananive@...ux.vnet.ibm.com>
To:	linux-kernel@...r.kernel.org
Cc:	amwang@...hat.com, procps@...elists.org, rdunlap@...otime.net,
	james.hogan@...tec.com, aravinda@...ux.vnet.ibm.com, hch@....de,
	mhiramat@...hat.com, jeremy.fitzhardinge@...rix.com,
	xemul@...allels.com, d.hatayama@...fujitsu.com, coreutils@....org,
	kosaki.motohiro@...fujitsu.com, adobriyan@...il.com,
	util-linux@...r.kernel.org, tarundsk@...ux.vnet.ibm.com,
	vapier@...too.org, roland@...k.frob.com, ananth@...ux.vnet.ibm.com,
	gorcunov@...nvz.org, avagin@...nvz.org, oleg@...hat.com,
	eparis@...hat.com, suzuki@...ux.vnet.ibm.com, andi@...stfloor.org,
	tj@...nel.org, akpm@...ux-foundation.org,
	torvalds@...ux-foundation.org
Subject: [PATCH 21/33] Get Clients PID

Get the Clients PID using getsockopt. This is done for security reasons. So
that we dont get any malicious dump requests.

Signed-off-by: Janani Venkataraman <jananive@...ux.vnet.ibm.com>
---
 src/coredump.c |   22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/src/coredump.c b/src/coredump.c
index fadb7cd..599a912 100755
--- a/src/coredump.c
+++ b/src/coredump.c
@@ -22,6 +22,7 @@
  *      Suzuki K. Poulose <suzuki@...ibm.com>
  */
 
+#define _GNU_SOURCE
 #include <stdarg.h>
 #include <stdio.h>
 #include <string.h>
@@ -430,17 +431,38 @@ int receive_core_filename(char *core_file)
 	return 0;
 }
 
+/* Get client details */
+int get_client_pid(struct ucred *client_info)
+{
+	socklen_t len = sizeof(struct ucred);
+	if (getsockopt(new_sock, SOL_SOCKET, SO_PEERCRED,
+				client_info, &len)) {
+		send_reply(errno);
+		gencore_log("[%d]: Can't get credentials of the client:%s\n",
+				pid_log, strerror(errno));
+		return -1;
+	}
+
+	return 0;
+}
+
 /* Services requests */
 int service_request(void)
 {
 	int ret;
 	char core_file[CORE_FILE_NAME_SZ];
+	struct ucred client_info;
 
 	/* Receive the message */
 	ret = receive_core_filename(core_file);
 	if (ret)
 		goto cleanup;
 
+	/* Fetch client PID */
+	ret = get_client_pid(&client_info);
+	if (ret)
+		goto cleanup;
+
 cleanup:
 	close(new_sock);
 	if (ret == -1)

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ