X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=extras%2Fvolume_id%2Fvol_id.c;h=2274550c197305e9d15d573a87ba65b4f7426bf2;hp=fe0b3a0ed070039201fd426cf53850d7b5f605b2;hb=f05da2ae00de9fedaabb59dbf9a18b63175c5d40;hpb=c907c823c388dfbdfa7054cfb2f4e9b92eb31e2e

diff --git a/extras/volume_id/vol_id.c b/extras/volume_id/vol_id.c
index fe0b3a0ed..2274550c1 100644
--- a/extras/volume_id/vol_id.c
+++ b/extras/volume_id/vol_id.c
@@ -1,7 +1,7 @@
 /*
- * vol_id - udev callout to read filesystem label and uuid
+ * vol_id - read filesystem label and uuid
  *
- * Copyright (C) 2005 Kay Sievers <kay.sievers@vrfy.org>
+ * Copyright (C) 2005-2006 Kay Sievers <kay.sievers@vrfy.org>
  *
  *	This program is free software; you can redistribute it and/or modify it
  *	under the terms of the GNU General Public License as published by the
@@ -27,11 +27,11 @@
 #include <unistd.h>
 #include <string.h>
 #include <ctype.h>
+#include <grp.h>
 #include <sys/ioctl.h>
 
-#include "../../udev_utils.h"
-#include "../../logging.h"
-#include "volume_id/volume_id.h"
+#include "../../udev.h"
+#include "lib/libvolume_id.h"
 
 #define BLKGETSIZE64 _IOR(0x12,114,size_t)
 
@@ -60,6 +60,18 @@ void log_message(int priority, const char *format, ...)
 }
 #endif
 
+static void vid_log(int priority, const char *file, int line, const char *format, ...)
+{
+#ifdef USE_LOG
+	va_list args;
+
+	va_start(args, format);
+	log_message(priority, format, args);
+	va_end(args);
+#endif
+	return;
+}
+
 static void set_str(char *to, const char *from, size_t count)
 {
 	size_t i, j, len;
@@ -111,10 +123,15 @@ int main(int argc, char *argv[])
 	int i;
 	uint64_t size;
 	const char *node = NULL;
+	uid_t nobody_uid;
+	gid_t nobody_gid;
 	int rc = 0;
 
 	logging_init("vol_id");
 
+	/* hook in our debug into libvolume_id */
+	volume_id_log_fn = vid_log;
+
 	for (i = 1 ; i < argc; i++) {
 		char *arg = argv[i];
 
@@ -145,17 +162,31 @@ int main(int argc, char *argv[])
 
 	if (ioctl(vid->fd, BLKGETSIZE64, &size) != 0)
 		size = 0;
+	dbg("BLKGETSIZE64=%llu", size);
+
+	/* drop all privileges */
+	nobody_uid = lookup_user("nobody");
+	nobody_gid = lookup_group("nogroup");
+	if (nobody_uid > 0 && nobody_gid > 0) {
+		if (setgroups(0, NULL) != 0 ||
+		    setgid(nobody_gid) != 0 ||
+		    setuid(nobody_uid) != 0) {
+			rc = 3;
+			goto exit;
+		}
+	}
 
 	if (volume_id_probe_all(vid, 0, size) == 0)
 		goto print;
 
 	if (print != PRINT_EXPORT)
 		fprintf(stderr, "%s: unknown volume type\n", node);
-	rc = 3;
+	rc = 4;
 	goto exit;
 
 print:
 	set_str(name, vid->label, sizeof(vid->label));
+	replace_untrusted_chars(name);
 
 	switch (print) {
 	case PRINT_EXPORT: