- (djm) On platforms that support it, use prctl() to prevent sftp-server
from accessing /proc/self/{mem,maps}; patch from jann AT thejh.net
parent
48abc47e60
commit
14928b7492
|
@ -1,3 +1,7 @@
|
|||
20140401
|
||||
- (djm) On platforms that support it, use prctl() to prevent sftp-server
|
||||
from accessing /proc/self/{mem,maps}; patch from jann AT thejh.net
|
||||
|
||||
20140317
|
||||
- (djm) [sandbox-seccomp-filter.c] Soft-fail stat() syscalls. Add XXX to
|
||||
remind myself to add sandbox violation logging via the log socket.
|
||||
|
|
|
@ -29,6 +29,9 @@
|
|||
#ifdef HAVE_SYS_STATVFS_H
|
||||
#include <sys/statvfs.h>
|
||||
#endif
|
||||
#ifdef HAVE_SYS_PRCTL_H
|
||||
#include <sys/prctl.h>
|
||||
#endif
|
||||
|
||||
#include <dirent.h>
|
||||
#include <errno.h>
|
||||
|
@ -1523,6 +1526,17 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw)
|
|||
|
||||
log_init(__progname, log_level, log_facility, log_stderr);
|
||||
|
||||
#ifdef HAVE_PRCTL
|
||||
/*
|
||||
* On Linux, we should try to avoid making /proc/self/{mem,maps}
|
||||
* available to the user so that sftp access doesn't automatically
|
||||
* imply arbitrary code execution access that will break
|
||||
* restricted configurations.
|
||||
*/
|
||||
if (prctl(PR_SET_DUMPABLE, 0) != 0)
|
||||
fatal("unable to make the process undumpable");
|
||||
#endif
|
||||
|
||||
if ((cp = getenv("SSH_CONNECTION")) != NULL) {
|
||||
client_addr = xstrdup(cp);
|
||||
if ((cp = strchr(client_addr, ' ')) == NULL) {
|
||||
|
|
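Review bot: The new block in sftp_server_main is compiled under `HAVE_PRCTL` alone, but `<sys/prctl.h>` is included under a different guard (`HAVE_SYS_PRCTL_H`) and `PR_SET_DUMPABLE` is a Linux-specific option. On a platform that has a prctl() function but not that constant, or not the header, this would presumably fail to build rather than skip the hardening. Guarding the call with `#if defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE)` ties it to the feature actually used. Calling fatal() when the prctl fails is the right fail-closed behaviour and should stay. The function body starts and continues outside this hunk, so whether anything later in sftp_server_main could re-enable the dumpable flag cannot be checked from here.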