...
| Code Block | ||
|---|---|---|
| ||
#include <stdlib.h>
#include <unistd.h>
#include <limits.h>
#include <libgen.h>
#include <sys/stat.h>
#include <string.h>
/* Returns nonzero if directory is secure, zero otherwise */
int secure_dir(const char* path) {
char *realpath_res = realpath(path, NULL);
char *path_copy = NULL;
char *dirname_res = NULL;
char ** dirs = NULL;
int num_of_dirs = 0;
int insecuresecure = 01;
int i;
struct stat buf;
uid_t my_uid = getuid();
if (realpath_res == NULL) {
/* Handle Error */
}
if (!(path_copy = strdup(realpath_res))) {
/* Handle Error */
}
dirname_res = path_copy;
/* Figure out how far it is to the root */
while (1) {
dirname_res = dirname(dirname_res);
num_of_dirs++;
if ((strcmp(dirname_res, ".") == 0) ||
(strcmp(dirname_res, "/") == 0)) {
break;
}
}
free(path_copy);
path_copy = NULL;
/* Now allocate and fill the dirs array */
if (!(dirs = (char **) malloc(num_of_dirs*sizeof(*dirs)))) {
/* Handle Error */
}
if (!(dirs[num_of_dirs - 1] = strdup(realpath_res))) {
/* Handle Error */
}
if(!(path_copy = strdup(realpath_res))) {
/* Handle Error */
}
dirname_res = path_copy;
for (i = 1; i < num_of_dirs; i++) {
dirname_res = dirname(dirname_res);
dirs[num_of_dirs - i - 1] = strdup(dirname_res);
}
free(path_copy);
path_copy = NULL;
/* Traverse from the root to the top, checking
* permissions along the way */
for (i = 0; i < num_of_dirs; i++) {
if (stat(dirs[i], &buf) != 0) {
/* Handle Error */
}
if ((buf.st_uid != my_uid) && (buf.st_uid != 0)) {
/* Directory is owned by someone besides user or root */
insecure = 0;
} else if (!(buf.st_mode & S_ISVTX) &&
(buf.st_mode & (S_IWGRP | S_IWOTH))) {
/* Others have permission to rename or remove files here */
insecuresecure = 10;
}
free(dirs[i]);
dirs[i] = NULL;
}
free(dirs);
dirs = NULL;
return insecuresecure;
}
|
This solution uses the secure_dir() function above to verify that my_secret is written to a secure file.
...