sys: don't start privops helper for NTS-KE helper

The NTS-KE helper doesn't need to bind sockets or adjust the clock. Don't start the privops helper, or keep the capabilities, when dropping root privileges in its context.
2020-10-05 18:14:23 +02:00 · 2020-10-05 18:14:23 +02:00 · 8e9716d5d4
commit 8e9716d5d4
parent a96d288027
4 changed files with 10 additions and 3 deletions
--- a/sys_linux.c
+++ b/sys_linux.c
@ -450,6 +450,10 @@ SYS_Linux_DropRoot(uid_t uid, gid_t gid, SYS_ProcessContext context, int clock_c
               clock_control ? "cap_sys_time=ep" : "") >= sizeof (cap_text))
    assert(0);

+  /* Helpers don't need any capabilities */
+  if (context != SYS_MAIN_PROCESS)
+    cap_text[0] = '\0';
+
  if ((cap = cap_from_text(cap_text)) == NULL) {
    LOG_FATAL("cap_from_text() failed");
  }
--- a/sys_macosx.c
+++ b/sys_macosx.c
@ -417,7 +417,8 @@ SYS_MacOSX_SetScheduler(int SchedPriority)
 #ifdef FEAT_PRIVDROP
 void SYS_MacOSX_DropRoot(uid_t uid, gid_t gid, SYS_ProcessContext context)
 {
-  PRV_StartHelper();
+  if (context == SYS_MAIN_PROCESS)
+    PRV_StartHelper();

  UTI_DropRoot(uid, gid);
 }
--- a/sys_netbsd.c
+++ b/sys_netbsd.c
@ -139,7 +139,8 @@ SYS_NetBSD_DropRoot(uid_t uid, gid_t gid, SYS_ProcessContext context)

  /* On NetBSD the helper is used only for socket binding, but on FreeBSD
     it's used also for setting and adjusting the system clock */
-  PRV_StartHelper();
+  if (context == SYS_MAIN_PROCESS)
+    PRV_StartHelper();

  UTI_DropRoot(uid, gid);

--- a/sys_solaris.c
+++ b/sys_solaris.c
@ -57,7 +57,8 @@ SYS_Solaris_Finalise(void)
 void
 SYS_Solaris_DropRoot(uid_t uid, gid_t gid, SYS_ProcessContext context)
 {
-  PRV_StartHelper();
+  if (context == SYS_MAIN_PROCESS)
+    PRV_StartHelper();
  UTI_DropRoot(uid, gid);
 }
 #endif