From 224c8603859e31aebb1c9578a76ea7786773d1cc Mon Sep 17 00:00:00 2001 From: Ezra Peisach Date: Thu, 5 Oct 1995 17:30:42 +0000 Subject: [PATCH] * init_os_ctx.c (krb5_secure_config_files): New function that will set flag and path to prevent user from overriding configuration files with environment variables. This is intended for those pesky suid root programs so that they cannot break security as easily... git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6928 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/krb5/os/ChangeLog | 6 +++ src/lib/krb5/os/init_os_ctx.c | 73 ++++++++++++++++++++++++++--------- 2 files changed, 60 insertions(+), 19 deletions(-) diff --git a/src/lib/krb5/os/ChangeLog b/src/lib/krb5/os/ChangeLog index c488e188a..92b694788 100644 --- a/src/lib/krb5/os/ChangeLog +++ b/src/lib/krb5/os/ChangeLog @@ -1,3 +1,9 @@ +Thu Oct 5 07:49:26 1995 Ezra Peisach + + * init_os_ctx.c (krb5_secure_config_files): New function that + will set flag and path to prevent user from overriding + configuration files with environment variables. + Mon Oct 2 17:36:38 1995 Ezra Peisach * init_os_ctx.c (krb5_os_init_context): Put back in the diff --git a/src/lib/krb5/os/init_os_ctx.c b/src/lib/krb5/os/init_os_ctx.c index 9d21c9423..ea5d80af7 100644 --- a/src/lib/krb5/os/init_os_ctx.c +++ b/src/lib/krb5/os/init_os_ctx.c 
@@ -95,29 +95,19 @@ char pathbuf[255]; } #endif -krb5_error_code -krb5_os_init_context(ctx) +/* Set the profile paths in the context. If secure is set to TRUE then + do not include user paths (from environment variables, etc.) +*/ +static krb5_error_code +os_init_paths(ctx, secure) krb5_context ctx; + krb5_boolean secure; { - krb5_os_context os_ctx; krb5_error_code retval = 0; - char *name; + char *name = 0; const char *filenames[2]; - - if (ctx->os_context) - return 0; - - os_ctx = malloc(sizeof(struct _krb5_os_context)); - if (!os_ctx) - return ENOMEM; - memset(os_ctx, 0, sizeof(struct _krb5_os_context)); - os_ctx->magic = KV5M_OS_CONTEXT; - - ctx->os_context = (void *) os_ctx; - os_ctx->time_offset = 0; - os_ctx->usec_offset = 0; - os_ctx->os_flags = 0; + ctx->profile_secure = secure; #ifdef _WINDOWS { @@ -147,7 +137,7 @@ krb5_os_init_context(ctx) * When the profile routines are later enhanced, we will try * including a config file from user's home directory here. */ - name = getenv("KRB5_CONFIG"); + if (!secure) name = getenv("KRB5_CONFIG"); if(!name) name = DEFAULT_PROFILE_PATH; retval = profile_init_path(name, &ctx->profile); @@ -157,6 +147,35 @@ krb5_os_init_context(ctx) if (retval) ctx->profile = 0; + return retval; +} + +krb5_error_code +krb5_os_init_context(ctx) + krb5_context ctx; +{ + krb5_os_context os_ctx; + krb5_error_code retval = 0; + char *name; + const char *filenames[2]; + + if (ctx->os_context) + return 0; + + os_ctx = malloc(sizeof(struct _krb5_os_context)); + if (!os_ctx) + return ENOMEM; + memset(os_ctx, 0, sizeof(struct _krb5_os_context)); + os_ctx->magic = KV5M_OS_CONTEXT; + + ctx->os_context = (void *) os_ctx; + + os_ctx->time_offset = 0; + os_ctx->usec_offset = 0; + os_ctx->os_flags = 0; + + retval = os_init_paths(ctx, FALSE); + /* * We ignore errors if the profile can not be initialized, * since there must be a way to get a context even if the 
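Review bot: The `secure` argument is only visibly honoured on the `getenv("KRB5_CONFIG")` line of the next hunk. The `#ifdef _WINDOWS` block that opens at the end of this hunk lies outside the diff, so it cannot be confirmed here that this branch also ignores user-influenced locations when `secure` is TRUE. If that branch builds its path from anything a user can set, it needs the same guard. The new comment should also state the guarantee instead of ending in "etc."; on the non-Windows path that would be `/* secure: only DEFAULT_PROFILE_PATH is used; the environment is never consulted */`. The body of os_init_paths continues past the end of this hunk.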
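Review bot: The context comment just above the changed line anticipates adding a config file from the user's home directory at this spot, and nothing tells a later editor that such a lookup must also be skipped for secure callers. A one-line comment before the guard, such as `/* secure (set-uid) callers: no environment or per-user files from here on */`, would pin that down. Putting the guarded call on its own braced line, `if (!secure) { name = getenv("KRB5_CONFIG"); }`, would also make the security-relevant branch harder to miss.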
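Review bot: `krb5_os_init_context` still calls `os_init_paths(ctx, FALSE)`, so a set-uid program opens and parses whatever file `KRB5_CONFIG` names, with its elevated privileges, before it can call `krb5_secure_config_files`. Replacing the profile afterwards does not undo that first read. The header comment here should state this ordering limitation, and an initialisation path that takes the secure flag up front would close the window. Separately, `char *name;` and `const char *filenames[2];` look unused in this function now that path selection lives in `os_init_paths`; the rest of the body is outside the hunk, so confirm before dropping them.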
@@ -185,6 +204,22 @@ krb5_set_config_files(ctx, filenames) return 0; } +krb5_error_code INTERFACE +krb5_secure_config_files(ctx) + krb5_context ctx; +{ + krb5_error_code retval; + + if (ctx->profile) { + profile_release(ctx->profile); + ctx->profile = 0; + } + + retval = os_init_paths(ctx, TRUE); + + return retval; +} + void krb5_os_free_context(ctx) krb5_context ctx; -- 2.26.2
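Review bot: `krb5_secure_config_files` is a new public entry point with no header comment, yet callers depend on a contract that is only implied by the code. The comment should say that it is meant to be called right after the context is created and before any profile lookup. It should also say that the return value must be checked, because on failure `os_init_paths` leaves `ctx->profile` at 0 and the caller is left with no profile at all. In addition, `ctx->profile_secure` is set but nothing in the visible hunks reads it. `krb5_set_config_files`, whose tail is the context above this hunk, is not shown, so check whether it refuses to replace the profile on a context already marked secure.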