[tor-commits] [arm/master] fix: avoiding setresuid/gid if unavailable

atagar at torproject.org atagar at torproject.org
Sat Aug 6 23:39:14 UTC 2011


commit 4a1604958c6da5862c344f4d7ba6f0e0560daa23
Author: Damian Johnson <atagar at torproject.org>
Date:   Sat Aug 6 15:35:00 2011 -0700

    fix: avoiding setresuid/gid if unavailable
    
    The os.setresuid and os.setresgid functions are only available in Python 2.7
    and later. Arm aims for 2.5 compatibility, so os.setreuid/gid is used when
    running a prior version. This, unfortunately, means that the saved uid is not
    reduced, which might be a vulnerability - hopefully Jake will know of an
    alternative if this is a concern.
---
 src/resources/torrcOverride/override.py |   26 +++++++++++++++++++++++---
 1 files changed, 23 insertions(+), 3 deletions(-)

diff --git a/src/resources/torrcOverride/override.py b/src/resources/torrcOverride/override.py
index b99ae95..8261eab 100755
--- a/src/resources/torrcOverride/override.py
+++ b/src/resources/torrcOverride/override.py
@@ -145,6 +145,13 @@ def remove():
       print "  unsuccessful: %s" % exc
 
 def replaceTorrc():
+  # TODO: The setresgid and setresuid functions are only available in
+  # python 2.7 (arm aims for 2.5 compatability). I'm not spotting a method
+  # for setting the saved user id without it, though. :/
+  
+  majorVersion, minorVersion = sys.version_info[:2]
+  canSetSavedUid = majorVersion >= 3 or (majorVersion == 2 and minorVersion >= 7)
+  
   orig_uid = os.getuid()
   orig_euid = os.geteuid()
   
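Review bot: The `canSetSavedUid` version test at the top of replaceTorrc does not establish that the calls exist. os.setresuid and os.setresgid are only present where the platform provides them, so a 2.7+ interpreter on a system without them would raise AttributeError part-way through the privilege drop, after some ids have already been changed. Probing the module covers both the old-interpreter and the missing-syscall case: `canSetSavedUid = hasattr(os, "setresuid") and hasattr(os, "setresgid")`. The function body continues outside the hunk.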
@@ -168,7 +175,13 @@ def replaceTorrc():
   # drop to the unprivileged group, and lose the rest of the groups
   os.setgid(dropped_gid)
   os.setegid(dropped_egid)
-  os.setresgid(dropped_gid, dropped_egid, dropped_gid)
+  
+  if canSetSavedUid:
+    # only usable in python 2.7 or later
+    os.setresgid(dropped_gid, dropped_egid, dropped_gid)
+  else:
+    os.setregid(dropped_gid, dropped_egid)
+  
   os.setgroups([dropped_gid])
   
   # make a tempfile and write out the contents
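Review bot: The `else` branch added here (and the matching one in the third hunk) carries no comment on what happens to the saved gid/uid, which is the open question in the commit message. On Linux, setregid(2) and setreuid(2) set the saved id to the new effective id whenever the real id is passed, so the fallback probably does clear it, though to `dropped_egid`/`dropped_euid` rather than the `dropped_gid`/`dropped_uid` that the setres* calls use. I would record that above the call, e.g. `# setregid also resets the saved gid to the new egid on Linux (see setregid(2)); verify on other platforms`. replaceTorrc continues outside the hunk.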
@@ -192,8 +205,15 @@ def replaceTorrc():
     # I believe this drops os.setfsuid os.setfsgid stuff
     # Clear all other supplemental groups for dropped_uid
     os.setgroups([dropped_gid])
-    os.setresgid(dropped_gid, dropped_egid, dropped_gid)
-    os.setresuid(dropped_uid, dropped_euid, dropped_uid)
+    
+    if canSetSavedUid:
+      # only usable in python 2.7 or later
+      os.setresgid(dropped_gid, dropped_egid, dropped_gid)
+      os.setresuid(dropped_uid, dropped_euid, dropped_uid)
+    else:
+      os.setregid(dropped_gid, dropped_egid)
+      os.setreuid(dropped_uid, dropped_euid)
+    
     os.setgid(dropped_gid)
     os.setegid(dropped_egid)
     os.setuid(dropped_uid)
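Review bot: Nothing after the drop in this hunk confirms that it took effect, and that matters most on the `else` path, where the saved ids change only as a side effect of os.setreuid/os.setregid. After the last set*id call (the sequence may continue past the hunk) the code could try to restore `orig_euid` and treat success as a fatal error, as sketched below. The exception type is a placeholder for whatever replaceTorrc's callers expect, and the enclosing block starts and ends outside the hunk.

```python
    # … unchanged: setgroups, the setres*/setre* branch, setgid/setegid …
    os.setuid(dropped_uid)

    # fail closed: once the drop is permanent the original euid is unreachable
    if orig_euid != dropped_euid:
      try:
        os.seteuid(orig_euid)
      except OSError:
        pass # expected, the saved uid no longer holds the original id
      else:
        raise OSError("privilege drop is reversible, refusing to continue")
```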




