VirtualBox

Changeset 87031 in vbox for trunk/src/VBox/HostDrivers


Timestamp:
Dec 2, 2020 11:57:03 AM (4 years ago)
Author:
vboxsync
Message:

Support,FE/VirtualBox: Move the issetugid() hack to the hardened support code to reduce the number of hacks in the VirtualBox frontend

File:
1 edited

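--- a/trunk/src/VBox/HostDrivers/Support/darwin/SUPR3HardenedMain-darwin.cpp
+++ b/trunk/src/VBox/HostDrivers/Support/darwin/SUPR3HardenedMain-darwin.cpp
@@ -41,4 +41,5 @@
 #include <stdio.h>
 #include <stdint.h>
+#include <unistd.h> /* issetugid() */
 #include <mach-o/dyld.h>
 
@@ -86,4 +87,5 @@
 
 static void * supR3HardenedDarwinDlopenInterpose(const char *path, int mode);
+static int supR3HardenedDarwinIssetugidInterpose(void);
 
 
@@ -102,5 +104,6 @@
 static const DYLDINTERPOSE     g_aInterposers[] =
 {
-    { (const void *)(uintptr_t)&supR3HardenedDarwinDlopenInterpose, (const void *)(uintptr_t)&dlopen }
+    { (const void *)(uintptr_t)&supR3HardenedDarwinDlopenInterpose,    (const void *)(uintptr_t)&dlopen    },
+    { (const void *)(uintptr_t)&supR3HardenedDarwinIssetugidInterpose, (const void *)(uintptr_t)&issetugid }
 };
 
@@ -147,4 +150,33 @@
 
 /**
+ * Override this one to try hide the fact that we're setuid to root orginially.
+ *
+ * @sa issetugid() man page.
+ *
+ * Mac OS X: Really ugly hack to bypass a set-uid check in AppKit.
+ *
+ * This will modify the issetugid() function to always return zero.  This must
+ * be done _before_ AppKit is initialized, otherwise it will refuse to play ball
+ * with us as it distrusts set-uid processes since Snow Leopard.  We, however,
+ * have carefully dropped all root privileges at this point and there should be
+ * no reason for any security concern here.
+ */
+static int supR3HardenedDarwinIssetugidInterpose(void)
+{
+    Dl_info Info = {0};
+    char szMsg[512];
+    size_t cchMsg;
+    const void * uCaller = __builtin_return_address(0);
+    if (dladdr(uCaller, &Info))
+        cchMsg = snprintf(szMsg, sizeof(szMsg), "DEBUG: issetugid_for_AppKit was called by %p %s::%s+%p (via %p)\n",
+                          uCaller, Info.dli_fname, Info.dli_sname, (void *)((uintptr_t)uCaller - (uintptr_t)Info.dli_saddr), __builtin_return_address(1));
+    else
+        cchMsg = snprintf(szMsg, sizeof(szMsg), "DEBUG: issetugid_for_AppKit was called by %p (via %p)\n", uCaller, __builtin_return_address(1));
+    write(2, szMsg, cchMsg);
+    return 0;
+}
+
+
+/**
  * Callback to get notified of new images being loaded to be able to apply our dlopn() interposer.
  *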
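Review bot: In supR3HardenedDarwinIssetugidInterpose the return value of snprintf() is passed unchanged to write() as the byte count, but snprintf() returns the length the untruncated message would have had, so a long `Info.dli_fname` makes `write(2, szMsg, cchMsg)` read past the 512-byte stack buffer and put adjacent stack contents on stderr; a negative return stored in the `size_t` would be larger still. Clamp before writing, e.g. `if (cchMsg >= sizeof(szMsg)) cchMsg = sizeof(szMsg) - 1;`, and substitute a literal when `Info.dli_sname` is NULL, which dladdr() can report when no symbol matches the address. The DEBUG line is also emitted unconditionally on every call, which looks like leftover diagnostics for a hardened stub. Separately, the interposer returns 0 to every caller in the images it is applied to, not only AppKit, so the doc comment's statement that root privileges have already been dropped is the invariant the whole hack rests on. That cannot be confirmed from this changeset, so it would be worth checking in code (or at least stating precisely which call order guarantees it) rather than asserting it in prose.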