1 /* $OpenBSD: access.c,v 1.6 2023/10/17 09:52:09 nicm Exp $ */ 2 3 /**************************************************************************** 4 * Copyright 2019-2021,2023 Thomas E. Dickey * 5 * Copyright 1998-2011,2012 Free Software Foundation, Inc. * 6 * * 7 * Permission is hereby granted, free of charge, to any person obtaining a * 8 * copy of this software and associated documentation files (the * 9 * "Software"), to deal in the Software without restriction, including * 10 * without limitation the rights to use, copy, modify, merge, publish, * 11 * distribute, distribute with modifications, sublicense, and/or sell * 12 * copies of the Software, and to permit persons to whom the Software is * 13 * furnished to do so, subject to the following conditions: * 14 * * 15 * The above copyright notice and this permission notice shall be included * 16 * in all copies or substantial portions of the Software. * 17 * * 18 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS * 19 * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF * 20 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. * 21 * IN NO EVENT SHALL THE ABOVE COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, * 22 * DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR * 23 * OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR * 24 * THE USE OR OTHER DEALINGS IN THE SOFTWARE. * 25 * * 26 * Except as contained in this notice, the name(s) of the above copyright * 27 * holders shall not be used in advertising or otherwise to promote the * 28 * sale, use or other dealings in this Software without prior written * 29 * authorization. * 30 ****************************************************************************/ 31 32 /**************************************************************************** 33 * Author: Thomas E. Dickey * 34 ****************************************************************************/ 35 36 #include <curses.priv.h> 37 38 #include <ctype.h> 39 40 #ifndef USE_ROOT_ACCESS 41 #if HAVE_SETFSUID 42 #include <sys/fsuid.h> 43 #else 44 #include <sys/stat.h> 45 #endif 46 #endif 47 48 #if HAVE_GETAUXVAL && HAVE_SYS_AUXV_H && defined(__GLIBC__) && (__GLIBC__ == 2 && __GLIBC_MINOR__ >= 19) 49 #include <sys/auxv.h> 50 #define USE_GETAUXVAL 1 51 #else 52 #define USE_GETAUXVAL 0 53 #endif 54 55 #include <tic.h> 56 57 MODULE_ID("$Id: access.c,v 1.6 2023/10/17 09:52:09 nicm Exp $") 58 59 #define LOWERCASE(c) ((isalpha(UChar(c)) && isupper(UChar(c))) ? tolower(UChar(c)) : (c)) 60 61 #ifdef _NC_MSC 62 # define ACCESS(FN, MODE) access((FN), (MODE)&(R_OK|W_OK)) 63 #else 64 # define ACCESS access 65 #endif 66 67 NCURSES_EXPORT(char *) 68 _nc_rootname(char *path) 69 { 70 char *result = _nc_basename(path); 71 #if !MIXEDCASE_FILENAMES || defined(PROG_EXT) 72 static char *temp; 73 char *s; 74 75 if ((temp = strdup(result)) != 0) 76 result = temp; 77 #if !MIXEDCASE_FILENAMES 78 for (s = result; *s != '\0'; ++s) { 79 *s = (char) LOWERCASE(*s); 80 } 81 #endif 82 #if defined(PROG_EXT) 83 if ((s = strrchr(result, '.')) != 0) { 84 if (!strcmp(s, PROG_EXT)) 85 *s = '\0'; 86 } 87 #endif 88 #endif 89 return result; 90 } 91 92 /* 93 * Check if a string appears to be an absolute pathname. 94 */ 95 NCURSES_EXPORT(bool) 96 _nc_is_abs_path(const char *path) 97 { 98 #if defined(__EMX__) || defined(__DJGPP__) 99 #define is_pathname(s) ((((s) != 0) && ((s)[0] == '/')) \ 100 || (((s)[0] != 0) && ((s)[1] == ':'))) 101 #else 102 #define is_pathname(s) ((s) != 0 && (s)[0] == '/') 103 #endif 104 return is_pathname(path); 105 } 106 107 /* 108 * Return index of the basename 109 */ 110 NCURSES_EXPORT(unsigned) 111 _nc_pathlast(const char *path) 112 { 113 const char *test = strrchr(path, '/'); 114 #ifdef __EMX__ 115 if (test == 0) 116 test = strrchr(path, '\\'); 117 #endif 118 if (test == 0) 119 test = path; 120 else 121 test++; 122 return (unsigned) (test - path); 123 } 124 125 NCURSES_EXPORT(char *) 126 _nc_basename(char *path) 127 { 128 return path + _nc_pathlast(path); 129 } 130 131 NCURSES_EXPORT(int) 132 _nc_access(const char *path, int mode) 133 { 134 int result; 135 136 if (path == 0) { 137 result = -1; 138 } else if (ACCESS(path, mode) < 0) { 139 if ((mode & W_OK) != 0 140 && errno == ENOENT 141 && strlen(path) < PATH_MAX) { 142 char head[PATH_MAX]; 143 char *leaf; 144 145 _nc_STRCPY(head, path, sizeof(head)); 146 leaf = _nc_basename(head); 147 if (leaf == 0) 148 leaf = head; 149 *leaf = '\0'; 150 if (head == leaf) 151 _nc_STRCPY(head, ".", sizeof(head)); 152 153 result = ACCESS(head, R_OK | W_OK | X_OK); 154 } else { 155 result = -1; 156 } 157 } else { 158 result = 0; 159 } 160 return result; 161 } 162 163 NCURSES_EXPORT(bool) 164 _nc_is_dir_path(const char *path) 165 { 166 bool result = FALSE; 167 struct stat sb; 168 169 if (stat(path, &sb) == 0 170 && S_ISDIR(sb.st_mode)) { 171 result = TRUE; 172 } 173 return result; 174 } 175 176 NCURSES_EXPORT(bool) 177 _nc_is_file_path(const char *path) 178 { 179 bool result = FALSE; 180 struct stat sb; 181 182 if (stat(path, &sb) == 0 183 && S_ISREG(sb.st_mode)) { 184 result = TRUE; 185 } 186 return result; 187 } 188 189 #if HAVE_GETEUID && HAVE_GETEGID 190 #define is_posix_elevated() \ 191 (getuid() != geteuid() \ 192 || getgid() != getegid()) 193 #else 194 #define is_posix_elevated() FALSE 195 #endif 196 197 #if HAVE_ISSETUGID 198 #define is_elevated() issetugid() 199 #elif USE_GETAUXVAL && defined(AT_SECURE) 200 #define is_elevated() \ 201 (getauxval(AT_SECURE) \ 202 ? TRUE \ 203 : (errno != ENOENT \ 204 ? FALSE \ 205 : is_posix_elevated())) 206 #else 207 #define is_elevated() is_posix_elevated() 208 #endif 209 210 #if HAVE_SETFSUID 211 #define lower_privileges() \ 212 int save_err = errno; \ 213 setfsuid(getuid()); \ 214 setfsgid(getgid()); \ 215 errno = save_err 216 #define resume_elevation() \ 217 save_err = errno; \ 218 setfsuid(geteuid()); \ 219 setfsgid(getegid()); \ 220 errno = save_err 221 #else 222 #define lower_privileges() /* nothing */ 223 #define resume_elevation() /* nothing */ 224 #endif 225 226 /* 227 * Returns true if not running as root or setuid. We use this check to allow 228 * applications to use environment variables that are used for searching lists 229 * of directories, etc. 230 */ 231 NCURSES_EXPORT(int) 232 _nc_env_access(void) 233 { 234 int result = TRUE; 235 236 #if HAVE_GETUID && HAVE_GETEUID 237 #if !defined(USE_SETUID_ENVIRON) 238 if (is_elevated()) { 239 result = FALSE; 240 } 241 #endif 242 #if !defined(USE_ROOT_ENVIRON) 243 if ((getuid() == ROOT_UID) || (geteuid() == ROOT_UID)) { 244 result = FALSE; 245 } 246 #endif 247 #endif /* HAVE_GETUID && HAVE_GETEUID */ 248 return result; 249 } 250 251 #ifndef USE_ROOT_ACCESS 252 /* 253 * Limit privileges if possible; otherwise disallow access for updating files. 254 */ 255 NCURSES_EXPORT(FILE *) 256 _nc_safe_fopen(const char *path, const char *mode) 257 { 258 FILE *result = NULL; 259 #if HAVE_SETFSUID 260 lower_privileges(); 261 result = fopen(path, mode); 262 resume_elevation(); 263 #else 264 if (!is_elevated() || *mode == 'r') { 265 result = fopen(path, mode); 266 } 267 #endif 268 return result; 269 } 270 271 NCURSES_EXPORT(int) 272 _nc_safe_open3(const char *path, int flags, mode_t mode) 273 { 274 int result = -1; 275 #if HAVE_SETFSUID 276 lower_privileges(); 277 result = open(path, flags, mode); 278 resume_elevation(); 279 #else 280 if (!is_elevated() || (flags & O_RDONLY)) { 281 result = open(path, flags, mode); 282 } 283 #endif 284 return result; 285 } 286 #endif /* USE_ROOT_ACCESS */ 287