aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSolderpunk <solderpunk@sdf.org>2018-12-19 21:33:17 +0000
committerSolderpunk <solderpunk@sdf.org>2018-12-19 21:33:17 +0000
commitd2aa891e1e96cc0f7ed22a1833662c215ce693bb (patch)
tree19d93c79161446b1017b65e69607702f71d2725a
parentPermit graceful cancellation of thread saving. (diff)
Drop bbs euid whenever it is not required, so that users don't end up in privileged editors which can be used to vandalise posts.
-rwxr-xr-xtelem.lua37
1 files changed, 35 insertions, 2 deletions
diff --git a/telem.lua b/telem.lua
index 9b81881..56379ca 100755
--- a/telem.lua
+++ b/telem.lua
@@ -10,6 +10,7 @@ path = require("pl.path")
string = require("string")
stringx = require("pl.stringx")
table = require("table")
+unistd = require("posix.unistd")
_BBS_ROOT = "/var/bbs/"
_EDITOR = os.getenv("EDITOR")
@@ -37,6 +38,21 @@ current_thread_posts = {} -- Array of post tables, containing posts associated w
current_post_index = nil -- Integer index into current_thread_posts
colours = true -- Boolean, controls whether to use ANSI colours
+-- Setuid stuff
+
+bbs_uid = unistd.geteuid()
+user_uid = unistd.getuid()
+
+function drop_privs()
+ unistd.setpid("U", user_uid)
+end
+
+function raise_privs()
+ unistd.setpid("U", bbs_uid)
+end
+
+drop_privs()
+
-- Utility functions
function cat_file(filename)
@@ -147,6 +163,7 @@ end
function load_scan_times()
local scanfile = path.join(_BBS_ROOT, "scans", username ..".scan")
+ raise_privs()
local f, err = io.open(scanfile, "r")
if f == nil then return end
for line in f:lines() do
@@ -156,15 +173,18 @@ function load_scan_times()
end
end
f:close()
+ drop_privs()
end
function save_scan_times()
local scanfile = path.join(_BBS_ROOT, "scans", username ..".scan")
+ raise_privs()
local f, err = io.open(scanfile, "w")
for _, board in ipairs(boards) do
f:write(board.name .. ":" .. tostring(board.last_scanned) .. "\n")
end
f:close()
+ drop_privs()
end
-- Commands
@@ -192,6 +212,7 @@ function do_board()
return
end
-- Create directory
+ raise_privs()
local board_dir = path.join(_BBS_ROOT, "boards", board)
lfs.mkdir(board_dir)
os.execute("chmod og+rwx " .. board_dir)
@@ -199,6 +220,7 @@ function do_board()
local topic_file = path.join(board_dir, "topic")
file.write(topic_file, desc)
os.execute("chmod og+r " .. topic_file)
+ drop_privs()
-- Update representation of BBS
update_boards()
-- Done!
@@ -324,6 +346,9 @@ function create_post()
file.delete(filename)
return nil
else
+ -- Make sure the telem program can read this file once
+ -- it sets the euid to bbs.
+ os.execute("chmod og+r " .. filename)
return filename
end
end
@@ -351,6 +376,7 @@ function do_new()
local timestamp = tostring(os.time())
local thread_dir = timestamp .. "-" .. username
local thread_path = path.join(current_board.directory, thread_dir)
+ raise_privs()
lfs.mkdir(thread_path)
os.execute("chmod og+rwx " .. thread_path)
-- Write subject file
@@ -359,11 +385,15 @@ function do_new()
-- Move post file
local post_file = thread_dir -- first post and thread directory names are the same!
local newpath = path.join(thread_path, post_file)
- local ret, str = file.move(filename, newpath)
+ -- Copy first - bbs user doesn't have permissions to delete
+ local ret, str = file.copy(filename, newpath)
if not ret then
print(str)
end
os.execute("chmod og+r " .. newpath)
+ drop_privs()
+ -- Delete file to complete the move
+ file.delete(filename)
-- Done!
print("Post submitted.")
end
@@ -426,11 +456,14 @@ function do_type_reply()
local timestamp = tostring(os.time())
local newfilename = timestamp .. "-" .. username
local newpath = path.join(current_thread.directory, newfilename)
- local ret, str = file.move(filename, newpath)
+ raise_privs()
+ local ret, str = file.copy(filename, newpath)
if not ret then
print(str)
end
os.execute("chmod og+r " .. newpath)
+ drop_privs()
+ file.delete(filename)
-- Update state and show reply
current_thread_posts = get_posts(current_thread)
current_post_index = #current_thread_posts