aboutsummaryrefslogtreecommitdiffstats
path: root/wpa_supplicant
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2019-01-06 18:28:04 (GMT)
committerJouni Malinen <j@w1.fi>2019-01-06 18:28:04 (GMT)
commit02f52ab6f5cedf4b51e799dfbde692fea92d7702 (patch)
tree4eee3fba6c59cda9e3338e8f51da0986e7608d76 /wpa_supplicant
parentb686745c76b8fe88a6d4adda1be136d2d74f094c (diff)
downloadhostap-02f52ab6f5cedf4b51e799dfbde692fea92d7702.zip
hostap-02f52ab6f5cedf4b51e799dfbde692fea92d7702.tar.gz
hostap-02f52ab6f5cedf4b51e799dfbde692fea92d7702.tar.bz2
Use lchown() instead of chown() for self-created files
There is no need to allow symlink dereferencing in these cases where a file (including directories and sockets) are created by the same process, so use the safer lchown() variant to avoid leaving potential windows for something external to replace the file before the chown() call. The particular locations used here should not have write permissions enabled for processes with less privileges, so this may not be needed, but anyway, it is better to make these more restrictive should there be cases where directory permissions are not as expected for a good deployment. Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'wpa_supplicant')
-rw-r--r--wpa_supplicant/ctrl_iface_unix.c12
-rw-r--r--wpa_supplicant/hs20_supplicant.c2
2 files changed, 7 insertions, 7 deletions
diff --git a/wpa_supplicant/ctrl_iface_unix.c b/wpa_supplicant/ctrl_iface_unix.c
index b88c80a..71fe7ed 100644
--- a/wpa_supplicant/ctrl_iface_unix.c
+++ b/wpa_supplicant/ctrl_iface_unix.c
@@ -570,8 +570,8 @@ static int wpas_ctrl_iface_open_sock(struct wpa_supplicant *wpa_s,
}
}
- if (gid_set && chown(dir, -1, gid) < 0) {
- wpa_printf(MSG_ERROR, "chown[ctrl_interface=%s,gid=%d]: %s",
+ if (gid_set && lchown(dir, -1, gid) < 0) {
+ wpa_printf(MSG_ERROR, "lchown[ctrl_interface=%s,gid=%d]: %s",
dir, (int) gid, strerror(errno));
goto fail;
}
@@ -638,8 +638,8 @@ static int wpas_ctrl_iface_open_sock(struct wpa_supplicant *wpa_s,
}
}
- if (gid_set && chown(fname, -1, gid) < 0) {
- wpa_printf(MSG_ERROR, "chown[ctrl_interface=%s,gid=%d]: %s",
+ if (gid_set && lchown(fname, -1, gid) < 0) {
+ wpa_printf(MSG_ERROR, "lchown[ctrl_interface=%s,gid=%d]: %s",
fname, (int) gid, strerror(errno));
goto fail;
}
@@ -1235,9 +1235,9 @@ static int wpas_global_ctrl_iface_open_sock(struct wpa_global *global,
wpa_printf(MSG_DEBUG, "ctrl_interface_group=%d",
(int) gid);
}
- if (chown(ctrl, -1, gid) < 0) {
+ if (lchown(ctrl, -1, gid) < 0) {
wpa_printf(MSG_ERROR,
- "chown[global_ctrl_interface=%s,gid=%d]: %s",
+ "lchown[global_ctrl_interface=%s,gid=%d]: %s",
ctrl, (int) gid, strerror(errno));
goto fail;
}
diff --git a/wpa_supplicant/hs20_supplicant.c b/wpa_supplicant/hs20_supplicant.c
index 267612a..cb236df 100644
--- a/wpa_supplicant/hs20_supplicant.c
+++ b/wpa_supplicant/hs20_supplicant.c
@@ -431,7 +431,7 @@ static void hs20_set_osu_access_permission(const char *osu_dir,
return;
}
- if (chown(fname, statbuf.st_uid, statbuf.st_gid) < 0) {
+ if (lchown(fname, statbuf.st_uid, statbuf.st_gid) < 0) {
wpa_printf(MSG_WARNING, "Cannot change the ownership for %s",
fname);
}