Added homedirectory permission checks

Michiel Broek 2005-11-22 19:39:32 +00:00
parent e25a344920
commit 6d6948ae4e
3 changed files with 54 additions and 5 deletions


@ -7,6 +7,10 @@ v0.83.2 16-Nov-2005
Reinstalled tic orphans and bad crc handling using new method. Reinstalled tic orphans and bad crc handling using new method.
Removed some debug logging. Removed some debug logging.
mbsebbs:
Added check for users homedirectory permissions and attempt to
fix errors. If fatal the connection is dropped.
v0.83.1 12-Nov-2005 - 16-Nov-2005 v0.83.1 12-Nov-2005 - 16-Nov-2005

2
TODO

@ -35,8 +35,6 @@ libdiesel.a:
processed, instead the previous macro value will be returned. processed, instead the previous macro value will be returned.
mbsebbs: mbsebbs:
N: Check access right to the users homedirectory.
N: OLR, implement file requests. N: OLR, implement file requests.
N: Only count posted messages in local mail areas. N: Only count posted messages in local mail areas.


@ -58,7 +58,7 @@ int main(int argc, char **argv)
{ {
FILE *pTty; FILE *pTty;
char *p, *tty, temp[PATH_MAX]; char *p, *tty, temp[PATH_MAX];
int i, rc; int i, rc, Fix;
struct stat sb; struct stat sb;
struct winsize ws; struct winsize ws;
@ -202,7 +202,7 @@ int main(int argc, char **argv)
/* /*
* Check users homedirectory, some *nix systems let users in if no * Check users homedirectory, some *nix systems let users in if no
* homedirectory exists * homedirectory exists. Then check the permissions.
*/ */
snprintf(temp, PATH_MAX, "%s/%s", CFG.bbs_usersdir, sUnixName); snprintf(temp, PATH_MAX, "%s/%s", CFG.bbs_usersdir, sUnixName);
if (stat(temp, &sb)) { if (stat(temp, &sb)) {
@ -211,7 +211,54 @@ int main(int argc, char **argv)
WriteError("homedirectory %s doesn't exist", temp); WriteError("homedirectory %s doesn't exist", temp);
Quick_Bye(MBERR_OK); Quick_Bye(MBERR_OK);
} }
Fix = FALSE;
if ((sb.st_mode & S_IRUSR) == 0) {
Fix = TRUE;
WriteError("No owner read access in %s, mode is %04o", temp, sb.st_mode & 0x1ff);
}
if ((sb.st_mode & S_IWUSR) == 0) {
Fix = TRUE;
WriteError("No owner write access in %s, mode is %04o", temp, sb.st_mode & 0x1ff);
}
if ((sb.st_mode & S_IXUSR) == 0) {
Fix = TRUE;
WriteError("No owner execute access in %s, mode is %04o", temp, sb.st_mode & 0x1ff);
}
if ((sb.st_mode & S_IRGRP) == 0) {
Fix = TRUE;
WriteError("No group read access in %s, mode is %04o", temp, sb.st_mode & 0x1ff);
}
if ((sb.st_mode & S_IWGRP) == 0) {
Fix = TRUE;
WriteError("No group write access in %s, mode is %04o", temp, sb.st_mode & 0x1ff);
}
if ((sb.st_mode & S_IXGRP) == 0) {
Fix = TRUE;
WriteError("No group execute access in %s, mode is %04o", temp, sb.st_mode & 0x1ff);
}
if ((sb.st_mode & S_IROTH)) {
Fix = TRUE;
WriteError("Others have read access in %s, mode is %04o", temp, sb.st_mode & 0x1ff);
}
if ((sb.st_mode & S_IWOTH)) {
Fix = TRUE;
WriteError("Others have write access in %s, mode is %04o", temp, sb.st_mode & 0x1ff);
}
if ((sb.st_mode & S_IXOTH)) {
Fix = TRUE;
WriteError("Others have execute access in %s, mode is %04o", temp, sb.st_mode & 0x1ff);
}
if (Fix) {
if (chmod(temp, 0770)) {
WriteError("Could not set home directory mode to 0770");
snprintf(temp, 81, "Internal error, the sysop is notified");
poutCR(LIGHTRED, BLACK, temp);
Enter(1);
Quick_Bye(MBERR_OK);
} else {
Syslog('+', "Corrected home directory mode to 0770");
}
}
if (((p = getenv("REMOTEHOST")) != NULL) || ((p = getenv("SSH_CLIENT")) != NULL)) { if (((p = getenv("REMOTEHOST")) != NULL) || ((p = getenv("SSH_CLIENT")) != NULL)) {
/* /*