From 67674e59a6dfd011820535773b98d1474651c5a5 Mon Sep 17 00:00:00 2001 From: Christian Franke Date: Thu, 4 Dec 2014 00:27:19 +0100 Subject: [PATCH] Drop privileges --- picocom.c | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/picocom.c b/picocom.c index 02ddb5d..23235a2 100644 --- a/picocom.c +++ b/picocom.c @@ -30,12 +30,17 @@ #include #include #include +#include #include #include #include #include #include #include +#include +#include +#include +#include #include #define _GNU_SOURCE @@ -1151,6 +1156,31 @@ parse_args(int argc, char *argv[]) /**********************************************************************/ +static void do_seccomp(void) +{ + struct sock_filter filter[] = { + BPF_STMT(BPF_LD+BPF_W+BPF_ABS, offsetof(struct seccomp_data, nr)), + BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, __NR_exit_group, 9, 0), + BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, __NR_ioctl, 8, 0), + BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, __NR_nanosleep, 7, 0), + BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, __NR_read, 6, 0), + BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, __NR_rt_sigaction, 5, 0), + BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, __NR_rt_sigprocmask, 4, 0), + BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, __NR_select, 3, 0), + BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, __NR_unlink, 2, 0), + BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, __NR_write, 1, 0), + BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_KILL), + BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ALLOW) + }; + + struct sock_fprog prog = { + .len = sizeof(filter) / sizeof(filter[0]), + .filter = filter + }; + + if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog)) + fatal("Could not drop privileges!"); +} int main(int argc, char *argv[]) @@ -1206,6 +1236,9 @@ main(int argc, char *argv[]) term_strerror(term_errno, errno)); fd_printf(STO, "Terminal ready\r\n"); + + do_seccomp(); + loop(); fd_printf(STO, "\r\n"); -- 2.1.1
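Review bot: do_seccomp() installs the filter with `prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog)` without first setting no_new_privs, and the kernel refuses that call for a process lacking CAP_SYS_ADMIN, so a non-root user would end in `fatal("Could not drop privileges!")` at startup. Add `if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)) fatal("Could not set no_new_privs!");` ahead of the existing prctl. The filter also loads only `seccomp_data.nr` and never checks `seccomp_data.arch`; because syscall numbers are per-ABI, its first instructions should compare arch against the build's AUDIT_ARCH_* value and return SECCOMP_RET_KILL on a mismatch. The allow-list names `__NR_select` and `__NR_nanosleep`, which not every architecture or libc uses to implement select() and nanosleep(), so it probably needs a build guard or the pselect6/clock_nanosleep equivalents; worth confirming on the target platforms.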
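Review bot: Nothing at the `do_seccomp();` call tells a maintainer that loop() and all of main()'s cleanup after it now run under a ten-syscall allow-list whose violation action is SECCOMP_RET_KILL. A comment above the call would record that, for example `/* After this point only the syscalls allowed in do_seccomp() are available; anything else kills the process. */`. If any path reachable from loop() opens a file or spawns a helper (not visible in this hunk), the process would be killed there without the terminal settings being restored, so those paths should be checked against the list. main()'s body starts and ends outside the hunk.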