use OpenBSD pledge() to drop privileges

To be tested see #405
2019-10-03 23:23:53 +02:00 · 2019-10-03 23:23:53 +02:00 · 22223da9a1
parent 174db857f8
commit 22223da9a1
3 changed files with 19 additions and 3 deletions
--- a/miniupnpd/Changelog.txt
+++ b/miniupnpd/Changelog.txt
@ -1,4 +1,7 @@
-$Id: Changelog.txt,v 1.453 2019/10/02 22:12:37 nanard Exp $
+$Id: Changelog.txt,v 1.454 2019/10/03 20:40:37 nanard Exp $
+
+2019/10/03:
+  Use OpenBSD pledge()

 2019/10/02:
  Working NFTables implementation thanks to Paul Chambers
--- a/miniupnpd/genconfig.sh
+++ b/miniupnpd/genconfig.sh
@ -1,5 +1,5 @@
 #! /bin/sh
-# $Id: genconfig.sh,v 1.100 2019/09/24 11:50:34 nanard Exp $
+# $Id: genconfig.sh,v 1.103 2019/10/03 20:40:39 nanard Exp $
 # vim: tabstop=4 shiftwidth=4 noexpandtab
 #
 # miniupnp daemon
@ -146,6 +146,10 @@ case $OS_NAME in
 		MAJORVER=`echo $OS_VERSION | cut -d. -f1`
 		MINORVER=`echo $OS_VERSION | cut -d. -f2`
 		#echo "OpenBSD majorversion=$MAJORVER minorversion=$MINORVER"
+		# The pledge() system call first appeared in OpenBSD 5.9.
+		if [ \( $MAJORVER -ge 6 \) -o \( $MAJORVER -eq 5 -a $MINORVER -ge 9 \) ]; then
+			echo "#define HAS_PLEDGE" >> ${CONFIGFILE}
+		fi
 		# rtableid was introduced in OpenBSD 4.0
 		if [ $MAJORVER -ge 4 ]; then
 			echo "#define PFRULE_HAS_RTABLEID" >> ${CONFIGFILE}
--- a/miniupnpd/miniupnpd.c
+++ b/miniupnpd/miniupnpd.c
@ -1,4 +1,4 @@
-/* $Id: miniupnpd.c,v 1.235 2019/05/21 08:39:43 nanard Exp $ */
+/* $Id: miniupnpd.c,v 1.237 2019/10/03 20:40:40 nanard Exp $ */
 /* vim: tabstop=4 shiftwidth=4 noexpandtab
 * MiniUPnP project
 * http://miniupnp.free.fr/ or http://miniupnp.tuxfamily.org/
@ -2241,6 +2241,15 @@ main(int argc, char * * argv)
 	}
 #endif

+	/* drop privileges */
+#ifdef HAS_PLEDGE
+	/* mcast ? unix ? */
+	if (pledge("stdio inet pf", NULL) < 0) {
+		syslog(LOG_ERR, "pledge(): %m");
+		return 1;
+	}
+#endif /* HAS_PLEDGE */
+
 	/* main loop */
 	while(!quitting)
 	{