diff options
| author | dimitri staessens <dimitri.staessens@intec.ugent.be> | 2016-07-03 16:20:56 +0200 |
|---|---|---|
| committer | dimitri staessens <dimitri.staessens@intec.ugent.be> | 2016-07-03 16:26:32 +0200 |
| commit | 8cb2f2fe999476b55358e3cfbdcbcbb3cf75f2cb (patch) | |
| tree | d1333083d2d2302b3159b91ec3f204ccbd95f8bc /src/lib | |
| parent | 597456c934bf0f9ec475ac89eaaf67e9a0c58c0e (diff) | |
| download | ouroboros-8cb2f2fe999476b55358e3cfbdcbcbb3cf75f2cb.tar.gz ouroboros-8cb2f2fe999476b55358e3cfbdcbcbb3cf75f2cb.zip | |
tools, irm: move binary check to library
This will make the library check if the user has permissions to
execute the binary when auto is set. This prevents writing malicious
software that would use the irmd to execute other applications to
which the user has no access.
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/irm.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/src/lib/irm.c b/src/lib/irm.c index 6b296258..93963eb1 100644 --- a/src/lib/irm.c +++ b/src/lib/irm.c @@ -29,6 +29,7 @@ #include <ouroboros/sockets.h> #include <stdlib.h> +#include <sys/stat.h> pid_t irm_create_ipcp(char * name, enum ipcp_type ipcp_type) @@ -246,10 +247,17 @@ int irm_bind(char * name, irm_msg_t msg = IRM_MSG__INIT; irm_msg_t * recv_msg = NULL; int ret = -1; + struct stat s; if (name == NULL || ap_name == NULL) return -EINVAL; + if (stat(ap_name, &s) != 0) + return -ENOENT; + + if (!(s.st_mode & S_IXUSR)) + return -EPERM; + msg.code = IRM_MSG_CODE__IRM_BIND; msg.dst_name = name; msg.ap_name = ap_name; |