Make guts into official library.

[checkpath] / chkpath.c

/* -*-c-*-
 *
 * $Id: chkpath.c,v 1.3 2003/01/25 23:58:44 mdw Exp $
 *
 * Check a user's file search path
 *
 * (c) 1999 Mark Wooding
 */

/*----- Licensing notice --------------------------------------------------* 
 *
 * This file is part of chkpath.
 *
 * chkpath is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 * 
 * chkpath is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 * 
 * You should have received a copy of the GNU General Public License
 * along with chkpath; if not, write to the Free Software Foundation,
 * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 */

/*----- Revision history --------------------------------------------------* 
 *
 * $Log: chkpath.c,v $
 * Revision 1.3  2003/01/25 23:58:44  mdw
 * Make guts into official library.
 *
 * Revision 1.2  2001/01/25 22:16:02  mdw
 * Make flags be unsigned.
 *
 * Revision 1.1.1.1  1999/04/06 20:12:07  mdw
 * Import new project.
 *
 */

/*----- Header files ------------------------------------------------------*/

#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#include <mLib/alloc.h>
#include <mLib/mdwopt.h>
#include <mLib/quis.h>
#include <mLib/report.h>

#include "checkpath.h"

/*----- Main code ---------------------------------------------------------*/

static void report(unsigned what, int verbose,
                   const char *p, const char *msg,
                   void *arg)
{
  moan("%s", msg);
}

/* --- @usage@ --- */

static void usage(FILE *fp)
{
  fprintf(fp, "Usage: %s [-vqstp] [PATH...]\n", QUIS);
}

/* --- @version@ --- */

static void version(FILE *fp)
{
  fprintf(fp, "%s version %s\n", QUIS, VERSION);
}

/* --- @help@ --- */

static void help(FILE *fp)
{
  version(fp);
  putc('\n', fp);
  usage(fp);
  fputs("\n\
Checks a path string (by default the PATH variable) for security.  It\n\
ensures that only `root' or the calling user can write to all the parent\n\
directories of the path elements, so nobody can maliciously replace the\n\
binaries unexpectedly.\n\
\n\
Options provided are:\n\
\n\
-h, --help              Display this help message.\n\
-V, --version           Display the program's version number.\n\
-u, --usage             Show a terse usage summary.\n\
\n\
-v, --verbose           Be verbose about the search progress (cumulative).\n\
-q, --quiet             Be quiet about the search progress (cumulative).\n\
-s, --sticky            Consider sticky directories secure against\n\
                        modification by world and group (not recommended).\n\
-t, --trust-group       Consider other members of your group trustworthy.\n\
-p, --print             Write the secure path elements to standard output.\n\
",
        fp);
}

int main(int argc, char *argv[])
{
  unsigned bad = 0;
  int i;
  char *p, *q, *path;
  struct checkpath cp;
  int f = 0;

#define f_print 1u
#define f_colon 2u

  /* --- Initialize the world --- */

  ego(argv[0]);

  /* --- Set up path scanning defaults --- */

  cp.cp_verbose = 1;
  cp.cp_what = CP_PROBLEMS | CP_REPORT | CP_SYMLINK;
  cp.cp_report = report;
  cp.cp_arg = 0;
  checkpath_setids(&cp);

  /* --- Parse the options --- */

  for (;;) {
    static struct option opts[] = {
      { "help",         0,              0,      'h' },
      { "version",      0,              0,      'V' },
      { "usage",        0,              0,      'u' },
      { "verbose",      0,              0,      'v' },
      { "quiet",        0,              0,      'q' },
      { "sticky",       0,              0,      's' },
      { "trust-group",  0,              0,      't' },
      { "print",        0,              0,      'p' },
      { 0,              0,              0,      0 }
    };
    int i = mdwopt(argc, argv, "hVu vqstp", opts, 0, 0, 0);

    if (i < 0)
      break;
    switch (i) {
      case 'h':
        help(stdout);
        exit(0);
      case 'V':
        version(stdout);
        exit(0);
      case 'u':
        usage(stdout);
        exit(0);
      case 'v':
        cp.cp_verbose++;
        break;
      case 'q':
        if (cp.cp_verbose)
          cp.cp_verbose--;
        break;
      case 's':
        cp.cp_what |= CP_STICKYOK;
        break;
      case 't':
        cp.cp_what = (cp.cp_what & ~CP_WRGRP) | CP_WROTHGRP;
        break;
      case 'p':
        f |= f_print;
        break;
      default:
        bad = 1;
        break;
    }
  }

  if (bad) {
    usage(stderr);
    exit(1);
  }

  /* --- Sort out what needs doing --- */

  if (optind == argc) {
    path = getenv("PATH");
    argv = &path;
    argc = 1;
    optind = 0;
  }

  for (i = optind; i < argc; i++) {
    p = xstrdup(argv[i]);
    q = strtok(p, ":");
    while (q) {
      unsigned b = checkpath(q, &cp);
      if (!b && (f & f_print)) {
        if (f & f_colon)
          putchar(':');
        fputs(q, stdout);
        f |= f_colon;
      }
      bad |= b;
      q = strtok(0, ":");
    }
    free(p);
  }

  if (f & f_colon)
    putchar('\n');

  return (bad);
}

/*----- That's all, folks -------------------------------------------------*/