Merged revisions 86066 via svnmerge from

https://origsvn.digium.com/svn/asterisk/branches/1.4

........
r86066 | tilghman | 2007-10-17 10:23:51 -0500 (Wed, 17 Oct 2007) | 3 lines

When runuser/rungroup is specified, a remote console could only be attained by root
(Closes issue #9999)

........

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@86079 65c4cc65-6c06-0410-ace0-fbb531ad65f3

diff --git a/main/asterisk.c b/main/asterisk.c
index a4be983..f725c52 100644 (file)
--- a/main/asterisk.c
+++ b/main/asterisk.c
@@ -2617,7 +2617,7 @@ int main(int argc, char *argv[])
        FILE *f;
        sigset_t sigs;
        int num;
-       int is_child_of_nonroot = 0;
+       int isroot = 1;
        char *buf;
        char *runuser = NULL, *rungroup = NULL;
 
@@ -2630,6 +2630,9 @@ int main(int argc, char *argv[])
                _argv[x] = argv[x];
        _argv[x] = NULL;
 
+       if (geteuid() != 0)
+               isroot = 0;
+
        /* if the progname is rasterisk consider it a remote console */
        if (argv[0] && (strstr(argv[0], "rasterisk")) != NULL) {
                ast_set_flag(&ast_options, AST_OPT_FLAG_NO_FORK | AST_OPT_FLAG_REMOTE);
@@ -2643,11 +2646,7 @@ int main(int argc, char *argv[])
        ast_builtins_init();
        ast_utils_init();
        tdd_init();
-       /* When Asterisk restarts after it has dropped the root privileges,
-        * it can't issue setuid(), setgid(), setgroups() or set_priority() 
-        */
-       if (getenv("ASTERISK_ALREADY_NONROOT"))
-               is_child_of_nonroot=1;
+
        if (getenv("HOME")) 
                snprintf(filename, sizeof(filename), "%s/.asterisk_history", getenv("HOME"));
        /* Check for options */
@@ -2792,10 +2791,10 @@ int main(int argc, char *argv[])
 
 #ifndef __CYGWIN__
 
-       if (!is_child_of_nonroot) 
+       if (isroot) 
                ast_set_priority(ast_opt_high_priority);
 
-       if (!is_child_of_nonroot && rungroup) {
+       if (isroot && rungroup) {
                struct group *gr;
                gr = getgrnam(rungroup);
                if (!gr) {
@@ -2814,7 +2813,7 @@ int main(int argc, char *argv[])
                        ast_verbose("Running as group '%s'\n", rungroup);
        }
 
-       if (!is_child_of_nonroot && runuser) {
+       if (runuser && !ast_test_flag(&ast_options, AST_OPT_FLAG_REMOTE)) {
 #ifdef HAVE_CAP
                int has_cap = 1;
 #endif /* HAVE_CAP */
@@ -2830,6 +2829,10 @@ int main(int argc, char *argv[])
                        has_cap = 0;
                }
 #endif /* HAVE_CAP */
+               if (!isroot && pw->pw_uid != geteuid()) {
+                       ast_log(LOG_ERROR, "Asterisk started as nonroot, but runuser '%s' requested.\n", runuser);
+                       exit(1);
+               }
                if (!rungroup) {
                        if (setgid(pw->pw_gid)) {
                                ast_log(LOG_WARNING, "Unable to setgid to %d!\n", (int)pw->pw_gid);
@@ -2844,7 +2847,6 @@ int main(int argc, char *argv[])
                        ast_log(LOG_WARNING, "Unable to setuid to %d (%s)\n", (int)pw->pw_uid, runuser);
                        exit(1);
                }
-               setenv("ASTERISK_ALREADY_NONROOT", "yes", 1);
                if (option_verbose)
                        ast_verbose("Running as user '%s'\n", runuser);
 #ifdef HAVE_CAP