Lines 58-63
Link Here
|
58 |
#include <unistd.h> |
58 |
#include <unistd.h> |
59 |
|
59 |
|
60 |
#include "mntopts.h" |
60 |
#include "mntopts.h" |
|
|
61 |
#include "mount_msdosfs.h" |
61 |
|
62 |
|
62 |
static gid_t a_gid(char *); |
63 |
static gid_t a_gid(char *); |
63 |
static uid_t a_uid(char *); |
64 |
static uid_t a_uid(char *); |
Lines 71-89
Link Here
|
71 |
struct iovec *iov = NULL; |
72 |
struct iovec *iov = NULL; |
72 |
int iovlen = 0; |
73 |
int iovlen = 0; |
73 |
struct stat sb; |
74 |
struct stat sb; |
|
|
75 |
FILE *fp; |
74 |
int c, set_gid, set_uid, set_mask, set_dirmask; |
76 |
int c, set_gid, set_uid, set_mask, set_dirmask; |
75 |
char *dev, *dir, mntpath[MAXPATHLEN], *csp; |
77 |
char *dev, *dir, mntpath[MAXPATHLEN], *csp; |
76 |
char fstype[] = "msdosfs"; |
78 |
char fstype[] = "msdosfs"; |
77 |
char errmsg[255] = {0}; |
79 |
char errmsg[255] = {0}; |
78 |
char *cs_dos = NULL; |
80 |
char *cs_dos = NULL; |
79 |
char *cs_local = NULL; |
81 |
char *cs_local = NULL; |
|
|
82 |
char *confp = NULL, *tok = NULL, flags[FLAGS_MAX_LEN + 1]; |
83 |
char *local_argv[ARG_MAX]; |
84 |
int local_argc = 1; |
80 |
mode_t mask = 0, dirmask = 0; |
85 |
mode_t mask = 0, dirmask = 0; |
81 |
uid_t uid = 0; |
86 |
uid_t uid = 0; |
82 |
gid_t gid = 0; |
87 |
gid_t gid = 0; |
83 |
|
88 |
|
84 |
set_gid = set_uid = set_mask = set_dirmask = 0; |
89 |
set_gid = set_uid = set_mask = set_dirmask = 0; |
85 |
|
90 |
|
86 |
while ((c = getopt(argc, argv, "sl9u:g:m:M:o:L:D:W:")) != -1) { |
91 |
/* Insert flags from conf before argv[1] */ |
|
|
92 |
local_argv[0] = argv[0]; |
93 |
if ( secure_conf(CONF_FILE, &sb, argv) != -1 ) |
94 |
{ |
95 |
if ( (fp = fopen(CONF_FILE, "r")) != NULL ) |
96 |
{ |
97 |
fgets(flags, FLAGS_MAX_LEN, fp); |
98 |
flags[strlen(flags)-1] = '\0'; |
99 |
for (c = 1, confp = flags; |
100 |
(tok = strsep(&confp, " \t")) != NULL; ++c) |
101 |
{ |
102 |
local_argv[c] = tok; |
103 |
} |
104 |
local_argc = c; |
105 |
fclose(fp); |
106 |
} |
107 |
} |
108 |
for (c = 1; c <= argc; ++c) |
109 |
{ |
110 |
local_argv[local_argc + c - 1] = argv[c]; |
111 |
} |
112 |
local_argc += argc - 1; |
113 |
for (c = 0; c <= local_argc; ++c) |
114 |
printf("argv[%d] = %s\n", c, local_argv[c]); |
115 |
|
116 |
while ((c = getopt(local_argc, local_argv, "sl9u:g:m:M:o:L:D:W:")) != -1) { |
87 |
switch (c) { |
117 |
switch (c) { |
88 |
case 's': |
118 |
case 's': |
89 |
build_iovec(&iov, &iovlen, "shortnames", NULL, (size_t)-1); |
119 |
build_iovec(&iov, &iovlen, "shortnames", NULL, (size_t)-1); |
Lines 164-170
Link Here
|
164 |
} |
194 |
} |
165 |
} |
195 |
} |
166 |
|
196 |
|
167 |
if (optind + 2 != argc) |
197 |
if (optind + 2 != local_argc) |
168 |
usage(); |
198 |
usage(); |
169 |
|
199 |
|
170 |
if (set_mask && !set_dirmask) { |
200 |
if (set_mask && !set_dirmask) { |
Lines 176-183
Link Here
|
176 |
set_mask = 1; |
206 |
set_mask = 1; |
177 |
} |
207 |
} |
178 |
|
208 |
|
179 |
dev = argv[optind]; |
209 |
dev = local_argv[optind]; |
180 |
dir = argv[optind + 1]; |
210 |
dir = local_argv[optind + 1]; |
181 |
|
211 |
|
182 |
if (cs_local != NULL) { |
212 |
if (cs_local != NULL) { |
183 |
if (set_charset(&iov, &iovlen, cs_local, cs_dos) == -1) |
213 |
if (set_charset(&iov, &iovlen, cs_local, cs_dos) == -1) |
Lines 227-233
Link Here
|
227 |
err(1, "%s", dev); |
257 |
err(1, "%s", dev); |
228 |
} |
258 |
} |
229 |
|
259 |
|
230 |
exit (0); |
260 |
exit (EX_OK); |
231 |
} |
261 |
} |
232 |
|
262 |
|
233 |
gid_t |
263 |
gid_t |
Lines 323-326
Link Here
|
323 |
} |
353 |
} |
324 |
|
354 |
|
325 |
return (0); |
355 |
return (0); |
|
|
356 |
} |
357 |
|
358 |
|
359 |
int secure_conf(const char *filename, struct stat *sb, char *argv[]) |
360 |
|
361 |
{ |
362 |
int status; |
363 |
|
364 |
if ( (status = stat(filename, sb)) != -1 ) |
365 |
{ |
366 |
if ( (sb->st_uid != 0) || (sb->st_gid != 0) ) |
367 |
{ |
368 |
fprintf(stderr, "%s: Security issue: %s must be owned by root/wheel!\n", argv[0], CONF_FILE); |
369 |
exit(EX_OSFILE); |
370 |
} |
371 |
if ( sb->st_mode &(S_IWGRP|S_IWOTH) ) |
372 |
{ |
373 |
fprintf(stderr, "%s: Security issue: %s cannot be group or world writable!\n", argv[0], CONF_FILE); |
374 |
exit(EX_OSFILE); |
375 |
} |
376 |
} |
377 |
return status; |
326 |
} |
378 |
} |