author | Dave Brolley <brolley@redhat.com> | 2009-11-12 13:50:09 -0500 |
---|---|---|
committer | Dave Brolley <brolley@redhat.com> | 2009-11-12 13:50:09 -0500 |
commit | 4ab8323bec774a2e4f78900681bf88e36dacaa49 (patch) | |
tree | 6c18b4440b91ca364576873759197f72cc5dd152 | |
parent | 3e6b1e441a3a9ac6d8232265caa358b4b6ad00bf (diff) | |
Sign uprobes.ko with the builder's certificate.
Delete ownership & permissions tests from modsign.cxx and stap-serverd.
-rw-r--r-- | modsign.cxx | 268 | ||||
-rw-r--r-- | runtime/uprobes/Makefile | 2 | ||||
-rwxr-xr-x | stap-serverd | 209 |
3 files changed, 27 insertions, 452 deletions
diff --git a/modsign.cxx b/modsign.cxx
index 1fc4ef32..0965b923 100644
--- a/modsign.cxx
+++ b/modsign.cxx
@@ -43,243 +43,6 @@ extern "C" { using namespace std; -/* Function: int check_cert_db_permissions (const string &cert_db_path); - * - * Check that the given certificate directory and its contents have - * the correct permissions. - * - * Returns 0 if there is an error, 1 otherwise. - */ -static int -check_cert_file_permissions ( - const string &cert_file, - uid_t euid, - const struct passwd *pw -) { - struct stat info; - int rc; - - rc = stat (cert_file.c_str (), & info); - if (rc) - { - cerr << "Could not obtain information on certificate file " << cert_file << "." << endl; - perror (""); - return 0; - } - - rc = 1; // ok - -#if 0 // these checks are probably overkill - // We must be the owner of the file. - if (info.st_uid != euid) - { - cerr << "Certificate file " << cert_file << " must be owned by " - << pw->pw_name << endl; - rc = 0; - } - - // Check the access permissions of the file - if ((info.st_mode & S_IRUSR) == 0) - cerr << "Certificate file " << cert_file << " should be readable by the owner" << "." << endl; - if ((info.st_mode & S_IWUSR) == 0) - cerr << "Certificate file " << cert_file << " should be writeable by the owner" << "." << endl; - if ((info.st_mode & S_IXUSR) != 0) - { - cerr << "Certificate file " << cert_file << " must not be executable by the owner" << "." << endl; - rc = 0; - } - if ((info.st_mode & S_IRGRP) == 0) - cerr << "Certificate file " << cert_file << " should be readable by the group" << "." << endl; - if ((info.st_mode & S_IWGRP) != 0) - { - cerr << "Certificate file " << cert_file << " must not be writable by the group" << "." << endl; - rc = 0; - } - if ((info.st_mode & S_IXGRP) != 0) - { - cerr << "Certificate file " << cert_file << " must not be executable by the group" << "." << endl; - rc = 0; - } - if ((info.st_mode & S_IROTH) == 0) - cerr << "Certificate file " << cert_file << " should be readable by others" << "." 
<< endl; - if ((info.st_mode & S_IWOTH) != 0) - { - cerr << "Certificate file " << cert_file << " must not be writable by others" << "." << endl; - rc = 0; - } - if ((info.st_mode & S_IXOTH) != 0) - { - cerr << "Certificate file " << cert_file << " must not be executable by others" << "." << endl; - rc = 0; - } -#endif // these checks are probably overkill - - - return rc; -} - -/* Function: int check_cert_db_permissions (const string &cert_db_path); - * - * Check that the given certificate directory and its contents have - * the correct permissions. - * - * Returns 0 if there is an error, 1 otherwise. - */ -static int -check_db_file_permissions ( - const string &cert_db_file, - uid_t euid, - const struct passwd *pw -) { - struct stat info; - int rc; - - rc = stat (cert_db_file.c_str (), & info); - if (rc) - { - cerr << "Could not obtain information on certificate database file " << cert_db_file << "." << endl; - perror (""); - return 0; - } - - rc = 1; // ok - -#if 0 // these checks are probably overkill - // We must be the owner of the file. - if (info.st_uid != euid) - { - cerr << "Certificate database file " << cert_db_file << " must be owned by " - << pw->pw_name << endl; - rc = 0; - } - - // Check the access permissions of the file - if ((info.st_mode & S_IRUSR) == 0) - cerr << "Certificate database file " << cert_db_file << " should be readable by the owner" << "." << endl; - if ((info.st_mode & S_IWUSR) == 0) - cerr << "Certificate database file " << cert_db_file << " should be writeable by the owner" << "." << endl; - if ((info.st_mode & S_IXUSR) != 0) - { - cerr << "Certificate database file " << cert_db_file << " must not be executable by the owner" << "." << endl; - rc = 0; - } - if ((info.st_mode & S_IRGRP) != 0) - { - cerr << "Certificate database file " << cert_db_file << " must not be readable by the group" << "." 
<< endl; - rc = 0; - } - if ((info.st_mode & S_IWGRP) != 0) - { - cerr << "Certificate database file " << cert_db_file << " must not be writable by the group" << "." << endl; - rc = 0; - } - if ((info.st_mode & S_IXGRP) != 0) - { - cerr << "Certificate database file " << cert_db_file << " must not be executable by the group" << "." << endl; - rc = 0; - } - if ((info.st_mode & S_IROTH) != 0) - { - cerr << "Certificate database file " << cert_db_file << " must not be readable by others" << "." << endl; - rc = 0; - } - if ((info.st_mode & S_IWOTH) != 0) - { - cerr << "Certificate database file " << cert_db_file << " must not be writable by others" << "." << endl; - rc = 0; - } - if ((info.st_mode & S_IXOTH) != 0) - { - cerr << "Certificate database file " << cert_db_file << " must not be executable by others" << "." << endl; - rc = 0; - } -#endif // these checks are probably overkill - - return rc; -} - -/* Function: int check_cert_db_permissions (const string &cert_db_path); - * - * Check that the given certificate directory and its contents have - * the correct permissions. - * - * Returns 0 if there is an error, 1 otherwise. - */ -static int -check_cert_db_permissions (const string &cert_db_path) { - struct stat info; - const struct passwd *pw; - uid_t euid; - int rc; - - rc = stat (cert_db_path.c_str (), & info); - if (rc) - { - cerr << "Could not obtain information on certificate database directory " << cert_db_path << "." << endl; - perror (""); - return 0; - } - - rc = 1; // ok - - // We must be the owner of the database. - euid = geteuid (); - pw = getpwuid (euid); -#if 0 // these checks are probably overkill - if (! 
pw) - { - cerr << "Unable to obtain current user information which checking certificate database " - << cert_db_path << endl; - perror (""); - return 0; - } - if (info.st_uid != euid) - { - cerr << "Certificate database " << cert_db_path << " must be owned by " - << pw->pw_name << endl; - rc = 0; - } - - // Check the database directory access permissions - if ((info.st_mode & S_IRUSR) == 0) - cerr << "Certificate database " << cert_db_path << " should be readable by the owner" << "." << endl; - if ((info.st_mode & S_IWUSR) == 0) - cerr << "Certificate database " << cert_db_path << " should be writeable by the owner" << "." << endl; - if ((info.st_mode & S_IXUSR) == 0) - cerr << "Certificate database " << cert_db_path << " should be searchable by the owner" << "." << endl; - if ((info.st_mode & S_IRGRP) == 0) - cerr << "Certificate database " << cert_db_path << " should be readable by the group" << "." << endl; - if ((info.st_mode & S_IWGRP) != 0) - { - cerr << "Certificate database " << cert_db_path << " must not be writable by the group" << "." << endl; - rc = 0; - } - if ((info.st_mode & S_IXGRP) == 0) - cerr << "Certificate database " << cert_db_path << " should be searchable by the group" << "." << endl; - if ((info.st_mode & S_IROTH) == 0) - cerr << "Certificate database " << cert_db_path << " should be readable by others" << "." << endl; - if ((info.st_mode & S_IWOTH) != 0) - { - cerr << "Certificate database " << cert_db_path << " must not be writable by others" << "." << endl; - rc = 0; - } - if ((info.st_mode & S_IXOTH) == 0) - cerr << "Certificate database " << cert_db_path << " should be searchable by others" << "." << endl; -#endif // these checks are probably overkill - - // Now check the permissions of the critical files. 
- rc &= check_db_file_permissions (cert_db_path + "/cert8.db", euid, pw);
- rc &= check_db_file_permissions (cert_db_path + "/key3.db", euid, pw);
- rc &= check_db_file_permissions (cert_db_path + "/secmod.db", euid, pw);
- rc &= check_db_file_permissions (cert_db_path + "/pw", euid, pw);
- rc &= check_cert_file_permissions (cert_db_path + "/stap.cert", euid, pw);
-
- if (rc == 0)
- cerr << "Unable to use certificate database " << cert_db_path << " due to errors" << "." << endl;
-
- return rc;
-}
-
 /* Function: int init_cert_db_path (const string &cert_db_path);
 *
 * Initialize a certificate database at the given path.
@@ -329,7 +92,7 @@ check_cert_db_path (const string &cert_db_path) {
 PR_Delete (fname.c_str ());
 }
- return check_cert_db_permissions (cert_db_path);
+ return 1; // ok
 }
 /* Function: char * password_callback()
@@ -508,6 +271,8 @@ main(int argc, char **argv)
 CERTCertificate *cert;
 SECKEYPrivateKey *privKey;
 SECStatus secStatus;
+ const char *stap_dir;
+ struct passwd *pwd;
 if (argc < 2) {
 cerr << "Module name was not specified." << endl;
@@ -515,11 +280,30 @@ main(int argc, char **argv)
 }
 module_name = argv[1];
- if (argc < 3) {
- cerr << "Certificate database path was not specified." << endl;
- return 1;
+ if (argc >= 3)
+ cert_db_path = argv[2];
+ else {
+ // Use the default database for this user.
+ if (geteuid () == 0)
+ cert_db_path = SYSCONFDIR "/systemtap/ssl/server";
+ else {
+ stap_dir = getenv ("SYSTEMTAP_DIR");
+ if (stap_dir == NULL) {
+ stap_dir = getenv("HOME");
+ if (stap_dir == NULL) {
+ pwd = getpwuid(getuid());
+ if (pwd)
+ stap_dir = pwd->pw_dir;
+ else {
+ cerr << "Unable to determine the certificate database path." << endl;
+ return 1;
+ }
+ }
+ }
+ cert_db_path = stap_dir;
+ cert_db_path += "/.systemtap/ssl/server";
+ }
 }
- cert_db_path = argv[2];
 if (! check_cert_db_path (cert_db_path))
 return 1;
diff --git a/runtime/uprobes/Makefile b/runtime/uprobes/Makefile
index 4ab637e2..bc0fd6a9 100644
--- a/runtime/uprobes/Makefile
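Review bot: With `return 1; // ok` at the end of check_cert_db_path, nothing on this path inspects the certificate database's files any more; the removed check_cert_db_permissions still ran stat() on the directory and on cert8.db, key3.db, secmod.db, pw and stap.cert even though its ownership and mode tests were already under `#if 0`. The private-key database and its password file are therefore used for signing with no ownership or permission check at all, and stap-serverd drops its `check_db $ssl_db` call in the same commit. If that is intentional, the reason should be recorded where the check used to be, for example `// Ownership and permissions of the database are not verified here; they are enforced by <component that creates the database>.` The body of check_cert_db_path starts outside the hunk.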
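Review bot: The default-path fallback added to main() tests `geteuid () == 0` but then looks up the home directory with `getpwuid(getuid())`, so the two branches disagree whenever the real and effective uid differ; `pwd = getpwuid(geteuid());` would keep them consistent. `SYSTEMTAP_DIR` and `HOME` are also accepted when set to an empty string, which produces the path `/.systemtap/ssl/server`; a guard such as `if (stap_dir == NULL || *stap_dir == '\0')` would fall through to the next source instead. Since the database holding the signing key is now selected from the environment and is no longer checked for ownership, a comment stating that the caller's environment is trusted at this point would help the next reader. main() continues outside the hunk.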
+++ b/runtime/uprobes/Makefile
@@ -10,7 +10,7 @@ default:
 if test -f ../../../../bin/stap-sign-module; then \
 for f in *.ko; do \
 if test ! -e $$f.sgn -o $$f.sgn -ot $$f; then \
- ../../../../bin/stap-sign-module $$f ../../../../etc/systemtap/ssl/server; \
+ ../../../../bin/stap-sign-module $$f; \
 fi \
 done \
 fi
diff --git a/stap-serverd b/stap-serverd
index d7a57513..d2f99cdb 100755
--- a/stap-serverd
+++ b/stap-serverd
@@ -75,9 +75,6 @@ function initialization {
 fi
 fi
- # Check the security of the database.
- check_db $ssl_db
-
 nss_pw=$ssl_db/pw
 nss_cert=stap-server
 }
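Review bot: In the runtime/uprobes/Makefile hunk, the `../../../../bin/stap-sign-module $$f; \` line no longer names a certificate database, so which certificate signs uprobes.ko is decided by stap-sign-module's default lookup; per the modsign.cxx change in this commit that depends on the invoking uid and on `SYSTEMTAP_DIR`/`HOME`. A comment above the loop would make the dependency visible, e.g. `# Signed with the invoking user's default certificate database (see stap-sign-module).` The recipe starts outside the hunk.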
@@ -333,212 +330,6 @@ function listen { wait '%${stap_exec_prefix}stap-server-connect' >> $logfile 2>&1 } -# function: check_db DBNAME -# -# Check the security of the given database directory. -function check_db { - local dir=$1 - local rc=0 - - # Check that we have been given a directory - if ! test -e $dir; then - warning "Certificate database '$dir' does not exist" - return 1 - fi - if ! test -d $dir; then - warning "Certificate database '$dir' is not a directory" - return 1 - fi - - # Check that we can read the directory - if ! test -r $dir; then - warning "Certificate database '$dir' is not readble" - rc=1 - fi - - # We must be the owner of the database. - local ownerid=`stat -c "%u" $dir` - if test "X$ownerid" != "X$EUID"; then - warning "Certificate database '$dir' must be owned by $USER" - rc=1 - fi - - # Check the access permissions of the directory - local perm=0`stat -c "%a" $dir` - if test $((($perm & 0400) == 0400)) = 0; then - warning "Certificate database '$dir' should be readable by the owner" - fi - if test $((($perm & 0200) == 0200)) = 0; then - warning "Certificate database '$dir' should be writeable by the owner" - fi - if test $((($perm & 0100) == 0100)) = 0; then - warning "Certificate database '$dir' should be searchable by the owner" - fi - if test $((($perm & 0040) == 0040)) = 0; then - warning "Certificate database '$dir' should be readable by the group" - fi - if test $((($perm & 0020) == 0020)) = 1; then - warning "Certificate database '$dir' must not be writable by the group" - rc=1 - fi - if test $((($perm & 0010) == 0010)) = 0; then - warning "Certificate database '$dir' should be searchable by the group" - fi - if test $((($perm & 0004) == 0004)) = 0; then - warning "Certificate database '$dir' should be readable by others" - fi - if test $((($perm & 0002) == 0002)) = 1; then - warning "Certificate database '$dir' must not be writable by others" - rc=1 - fi - if test $((($perm & 0001) == 0001)) = 0; then - warning "Certificate 
database '$dir' should be searchable by others" - fi - - # Now check the permissions of the critical files. - check_db_file $dir/cert8.db || rc=1 - check_db_file $dir/key3.db || rc=1 - check_db_file $dir/secmod.db || rc=1 - check_db_file $dir/pw || rc=1 - check_cert_file $dir/$stap_certfile || rc=1 - - test $rc = 1 && fatal "Unable to use certificate database '$dir' due to errors" - - return $rc -} - -# function: check_db_file FILENAME -# -# Check the security of the given database file. -function check_db_file { - local file=$1 - local rc=0 - - # Check that we have been given a file - if ! test -e $file; then - warning "Certificate database file '$file' does not exist" - return 1 - fi - if ! test -f $file; then - warning "Certificate database file '$file' is not a regular file" - return 1 - fi - - # We must be the owner of the file. - local ownerid=`stat -c "%u" $file` - if test "X$ownerid" != "X$EUID"; then - warning "Certificate database file '$file' must be owned by $USER" - rc=1 - fi - - # Check that we can read the file - if ! 
test -r $file; then - warning "Certificate database file '$file' is not readble" - rc=1 - fi - - # Check the access permissions of the file - local perm=0`stat -c "%a" $file` - if test $((($perm & 0400) == 0400)) = 0; then - warning "Certificate database file '$file' should be readable by the owner" - fi - if test $((($perm & 0200) == 0200)) = 0; then - warning "Certificate database file '$file' should be writeable by the owner" - fi - if test $((($perm & 0100) == 0100)) = 1; then - warning "Certificate database file '$file' must not be executable by the owner" - rc=1 - fi - if test $((($perm & 0040) == 0040)) = 1; then - warning "Certificate database file '$file' must not be readable by the group" - rc=1 - fi - if test $((($perm & 0020) == 0020)) = 1; then - warning "Certificate database file '$file' must not be writable by the group" - rc=1 - fi - if test $((($perm & 0010) == 0010)) = 1; then - warning "Certificate database file '$file' must not be executable by the group" - rc=1 - fi - if test $((($perm & 0004) == 0004)) = 1; then - warning "Certificate database file '$file' must not be readable by others" - rc=1 - fi - if test $((($perm & 0002) == 0002)) = 1; then - warning "Certificate database file '$file' must not be writable by others" - rc=1 - fi - if test $((($perm & 0001) == 0001)) = 1; then - warning "Certificate database file '$file' must not be executable by others" - rc=1 - fi - - return $rc -} - -# function: check_db_file FILENAME -# -# Check the security of the given database file. -function check_cert_file { - local file=$1 - local rc=0 - - # Check that we have been given a file - if ! test -e $file; then - warning "Certificate database file '$file' does not exist" - return 1 - fi - if ! test -f $file; then - warning "Certificate database file '$file' is not a regular file" - return 1 - fi - - # We must be the owner of the file. 
- local ownerid=`stat -c "%u" $file` - if test "X$ownerid" != "X$EUID"; then - warning "Certificate file '$file' must be owned by $USER" - rc=1 - fi - - # Check the access permissions of the file - local perm=0`stat -c "%a" $file` - if test $((($perm & 0400) == 0400)) = 0; then - warning "Certificate file '$file' should be readable by the owner" - fi - if test $((($perm & 0200) == 0200)) = 0; then - warning "Certificate file '$file' should be writeable by the owner" - fi - if test $((($perm & 0100) == 0100)) = 1; then - warning "Certificate file '$file' must not be executable by the owner" - rc=1 - fi - if test $((($perm & 0040) == 0040)) = 0; then - warning "Certificate file '$file' should be readable by the group" - fi - if test $((($perm & 0020) == 0020)) = 1; then - warning "Certificate file '$file' must not be writable by the group" - rc=1 - fi - if test $((($perm & 0010) == 0010)) = 1; then - warning "Certificate file '$file' must not be executable by the group" - rc=1 - fi - if test $((($perm & 0004) == 0004)) = 0; then - warning "Certificate file '$file' should be readable by others" - fi - if test $((($perm & 0002) == 0002)) = 1; then - warning "Certificate file '$file' must not be writable by others" - rc=1 - fi - if test $((($perm & 0001) == 0001)) = 1; then - warning "Certificate file '$file' must not be executable by others" - rc=1 - fi - - return $rc -} - # function: warning [ MESSAGE ] # # Warning error |