From 38599afa1d1d1f14a897b01350e8ce94486e1788 Mon Sep 17 00:00:00 2001 From: tedu Date: Thu, 15 Feb 2024 18:57:58 +0000 Subject: [PATCH] change permit to be more bits away from deny, because rowhammer. not really sure why this is our problem, but the diff is small. ok deraadt millert miod --- usr.bin/doas/doas.c | 18 +++++++++++------- usr.bin/doas/doas.h | 4 ++-- 2 files changed, 13 insertions(+), 9 deletions(-) diff --git a/usr.bin/doas/doas.c b/usr.bin/doas/doas.c index 8b684d6006c..3999b2e2f64 100644 --- a/usr.bin/doas/doas.c +++ b/usr.bin/doas/doas.c @@ -1,4 +1,4 @@ -/* $OpenBSD: doas.c,v 1.98 2022/12/22 19:53:22 kn Exp $ */ +/* $OpenBSD: doas.c,v 1.99 2024/02/15 18:57:58 tedu Exp $ */ /* * Copyright (c) 2015 Ted Unangst * @@ -145,8 +145,10 @@ permit(uid_t uid, gid_t *groups, int ngroups, const struct rule **lastr, *lastr = rules[i]; } if (!*lastr) + return -1; + if ((*lastr)->action == PERMIT) return 0; - return (*lastr)->action == PERMIT; + return -1; } static void @@ -181,6 +183,7 @@ checkconfig(const char *confpath, int argc, char **argv, uid_t uid, gid_t *groups, int ngroups, uid_t target) { const struct rule *rule; + int rv; setresuid(uid, uid, uid); if (pledge("stdio rpath getpw", NULL) == -1) @@ -188,9 +191,9 @@ checkconfig(const char *confpath, int argc, char **argv, parseconfig(confpath, 0); if (!argc) exit(0); - - if (permit(uid, groups, ngroups, &rule, target, argv[0], - (const char **)argv + 1)) { + rv = permit(uid, groups, ngroups, &rule, target, argv[0], + (const char **)argv + 1); + if (rv == 0) { printf("permit%s\n", (rule->options & NOPASS) ? " nopass" : ""); exit(0); } else { @@ -412,8 +415,9 @@ main(int argc, char **argv) } cmd = argv[0]; - if (!permit(uid, groups, ngroups, &rule, target, cmd, - (const char **)argv + 1)) { + rv = permit(uid, groups, ngroups, &rule, target, cmd, + (const char **)argv + 1); + if (rv != 0) { syslog(LOG_AUTHPRIV | LOG_NOTICE, "command not permitted for %s: %s", mypw->pw_name, cmdline); errc(1, EPERM, NULL); diff --git a/usr.bin/doas/doas.h b/usr.bin/doas/doas.h index b98fe353b18..ce6a03618ac 100644 --- a/usr.bin/doas/doas.h +++ b/usr.bin/doas/doas.h @@ -1,4 +1,4 @@ -/* $OpenBSD: doas.h,v 1.19 2021/11/30 20:08:15 tobias Exp $ */ +/* $OpenBSD: doas.h,v 1.20 2024/02/15 18:57:58 tedu Exp $ */ /* * Copyright (c) 2015 Ted Unangst * @@ -36,7 +36,7 @@ struct passwd; char **prepenv(const struct rule *, const struct passwd *, const struct passwd *); -#define PERMIT 1 +#define PERMIT -1 #define DENY 2 #define NOPASS 0x1 -- 2.20.1