Skip to content

Instantly share code, notes, and snippets.

@deferraz
Created March 5, 2013 00:11
Show Gist options
  • Select an option

  • Save deferraz/5086885 to your computer and use it in GitHub Desktop.

Select an option

Save deferraz/5086885 to your computer and use it in GitHub Desktop.
diff -uNr a/src/Application.cpp b/src/Application.cpp--- a/src/Application.cpp 2013-03-04 17:55:40.000000000 -0300
+++ b/src/Application.cpp 2013-03-04 18:27:12.000000000 -0300
@@ -306,13 +306,15 @@ // Common code (for all security modes)
// Check UID/GID of script
- if (scriptFile.getUser().getUid() < config.getMinUid()) {
+ if ((scriptFile.getUser().getUid() < config.getMinUid()) &&
+ scriptFile.getUser().getUid() != config.getExceptUid()) { std::string error = "UID of script \"" + scriptFilename + "\" is smaller than min_uid"; logger.logWarning(error);
throw SoftException(error, __FILE__, __LINE__);
}- if (scriptFile.getGroup().getGid() < config.getMinGid()) {+ if ((scriptFile.getGroup().getGid() < config.getMinGid()) &&+ scriptFile.getGroup().getGid() != config.getExceptGid()) {
std::string error = "GID of script \"" + scriptFilename
+ "\" is smaller than min_gid";
logger.logWarning(error);
diff -uNr a/src/Configuration.cpp b/src/Configuration.cpp
--- a/src/Configuration.cpp 2013-03-04 17:55:40.000000000 -0300
+++ b/src/Configuration.cpp 2013-03-04 18:26:54.000000000 -0300@@ -154,6 +154,10 @@ this->min_uid = Util::strToInt(value); else if (key == "min_gid")
this->min_gid = Util::strToInt(value);
+ else if (key == "except_uid")
+ this->except_uid = Util::strToInt(value);
+ else if (key == "except_gid")
+ this->except_gid = Util::strToInt(value);
else if (key == "umask")
this->umask = Util::octalStrToInt(value);
else if (key == "chroot")
@@ -238,6 +242,14 @@
}
}
+int suPHP::Configuration::getExceptUid() const {
+ return this->except_uid;
+}
+
+int suPHP::Configuration::getExceptGid() const {
+ return this->except_gid;
+}
+
int suPHP::Configuration::getMinUid() const {
return this->min_uid;
}
diff -uNr a/src/Configuration.hpp b/src/Configuration.hpp
--- a/src/Configuration.hpp 2013-03-04 17:55:40.000000000 -0300
+++ b/src/Configuration.hpp 2013-03-04 18:26:54.000000000 -0300
@@ -55,6 +55,8 @@
LogLevel loglevel;
int min_uid;
int min_gid;
+ int except_uid;
+ int except_gid;
int umask;
std::string chroot_path;
bool handle_userdir;
@@ -148,6 +150,16 @@
throw (KeyNotFoundException);
/**+ * Returns except UID allowed for scripts
+ */
+ int getExceptUid() const;
+
+ /**
+ * Returns except GID allowed for scripts
+ */
+ int getExceptGid() const;
+
+ /**
* Returns minimum UID allowed for scripts
*/
int getMinUid() const;
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment