Changeset 16048 in vbox for trunk/src

Timestamp:

Jan 19, 2009 4:50:43 PM (16 years ago)

Author:

vboxsync

Message:

SUPR3: added environment options VBOX_HARD_CAP_NET_RAW and VBOX_HARD_CAP_NET_BIND_SERVICE

File:

: 1 edited

trunk/src/VBox/HostDrivers/Support/SUPR3HardenedMain.cpp (modified) (5 diffs)

Legend:

: Unmodified
: Added
: Removed

trunk/src/VBox/HostDrivers/Support/SUPR3HardenedMain.cpp

-              r15884
+              r16048
 /** The real GID at startup. */
 static gid_t g_gid;
+# ifdef RT_OS_LINUX
+static __u32 g_uCaps;
+# endif
 #endif
 …
      */
 #  ifdef USE_LIB_PCAP
+    /* XXX cap_net_bind_service */
     if (!cap_set_proc(cap_from_text("all-eip cap_net_raw+ep")))
         prctl(PR_SET_KEEPCAPS, /*keep=*/1, 0, 0, 0);
 #  else
+    cap_user_header_t hdr = (cap_user_header_t)alloca(sizeof(*hdr));
+    cap_user_data_t   cap = (cap_user_data_t)alloca(sizeof(*cap));
+    memset(hdr, 0, sizeof(*hdr));
+    hdr->version = _LINUX_CAPABILITY_VERSION;
+    memset(cap, 0, sizeof(*cap));
+    cap->effective = CAP_TO_MASK(CAP_NET_RAW);
+    cap->permitted = CAP_TO_MASK(CAP_NET_RAW);
+    if (!capset(hdr, cap))
+        prctl(PR_SET_KEEPCAPS, /*keep=*/1, 0, 0, 0);
+    if (g_uCaps != 0)
+    {
+        cap_user_header_t hdr = (cap_user_header_t)alloca(sizeof(*hdr));
+        cap_user_data_t   cap = (cap_user_data_t)alloca(sizeof(*cap));
+        memset(hdr, 0, sizeof(*hdr));
+        hdr->version = _LINUX_CAPABILITY_VERSION;
+        memset(cap, 0, sizeof(*cap));
+        cap->effective = g_uCaps;
+        cap->permitted = g_uCaps;
+        if (!capset(hdr, cap))
+            prctl(PR_SET_KEEPCAPS, /*keep=*/1, 0, 0, 0);
+    }
 #  endif
 …
+}
+/*
+ * Look at the environment for some special options.
+ */
+static void supR3GrabOptions(void)
+{
+    const char *pszOpt;
+# ifdef RT_OS_LINUX
+    g_uCaps = 0;
+    /*
+     * CAP_NET_RAW.
+     * Default: enabled.
+     * Can be disabled with 'export VBOX_HARD_CAP_NET_RAW=0'.
+     */
+    pszOpt = getenv("VBOX_HARD_CAP_NET_RAW");
+    if (   !pszOpt
+        || memcmp(pszOpt, "0", sizeof("0")) != 0)
+        g_uCaps = CAP_TO_MASK(CAP_NET_RAW);
+    /*
+     * CAP_NET_BIND_SERVICE.
+     * Default: disabled.
+     * Can be enabled with 'export VBOX_HARD_CAP_NET_BIND_SERVICE=1'.
+     */
+    pszOpt = getenv("VBOX_HARD_CAP_NET_BIND_SERVICE");
+    if (   pszOpt
+        && memcmp(pszOpt, "0", sizeof("0")) != 0)
+        g_uCaps |= CAP_TO_MASK(CAP_NET_BIND_SERVICE);
+# endif
+}
 /**
  * Drop any root privileges we might be holding.
 …
 #  ifdef USE_LIB_PCAP
     /** @todo Warn if that does not work? */
+    /* XXX cap_net_bind_service */
     cap_set_proc(cap_from_text("cap_net_raw+ep"));
 #  else
+    cap_user_header_t hdr = (cap_user_header_t)alloca(sizeof(*hdr));
+    cap_user_data_t   cap = (cap_user_data_t)alloca(sizeof(*cap));
+    memset(hdr, 0, sizeof(*hdr));
+    hdr->version = _LINUX_CAPABILITY_VERSION;
+    memset(cap, 0, sizeof(*cap));
+    cap->effective = CAP_TO_MASK(CAP_NET_RAW);
+    cap->permitted = CAP_TO_MASK(CAP_NET_RAW);
+    /** @todo Warn if that does not work? */
+    capset(hdr, cap);
+    if (g_uCaps != 0)
+    {
+        cap_user_header_t hdr = (cap_user_header_t)alloca(sizeof(*hdr));
+        cap_user_data_t   cap = (cap_user_data_t)alloca(sizeof(*cap));
+        memset(hdr, 0, sizeof(*hdr));
+        hdr->version = _LINUX_CAPABILITY_VERSION;
+        memset(cap, 0, sizeof(*cap));
+        cap->effective = g_uCaps;
+        cap->permitted = g_uCaps;
+        /** @todo Warn if that does not work? */
+        capset(hdr, cap);
+    }
 #  endif
 # endif
 …
      */
     supR3HardenedGetFullExePath();
 # endif
+    /*
+     * Grab any options from the environment.
+     */
+    supR3GrabOptions();
     /*

Note: See TracChangeset for help on using the changeset viewer.

Changeset 16048 in vbox for trunk/src

Legend:

trunk/src/VBox/HostDrivers/Support/SUPR3HardenedMain.cpp

Download in other formats: