From 2a5702a936829c30b1c427028fdb75a21e2e6771 Mon Sep 17 00:00:00 2001 From: nicm Date: Thu, 12 Mar 2020 09:26:34 +0000 Subject: [PATCH] When the server socket is given by the user with -S, create it with umask 177 instead of 117 because it may not be in a safe directory like the default directory in /tmp. The user can chmod it more open after it is created if they want. --- client.c | 23 +++++++++++------------ server.c | 17 +++++++++++------ tmux.c | 13 ++++++++----- tmux.h | 4 +++- 4 files changed, 33 insertions(+), 24 deletions(-) diff --git a/client.c b/client.c index 0c2a6ee2..f819e924 100644 --- a/client.c +++ b/client.c @@ -97,7 +97,7 @@ client_get_lock(char *lockfile) /* Connect client to server. */ static int -client_connect(struct event_base *base, const char *path, int start_server) +client_connect(struct event_base *base, const char *path, int flags) { struct sockaddr_un sa; size_t size; @@ -122,7 +122,7 @@ retry: log_debug("connect failed: %s", strerror(errno)); if (errno != ECONNREFUSED && errno != ENOENT) goto failed; - if (!start_server) + if (~flags & CLIENT_STARTSERVER) goto failed; close(fd); @@ -154,7 +154,7 @@ retry: close(lockfd); return (-1); } - fd = server_start(client_proc, base, lockfd, lockfile); + fd = server_start(client_proc, flags, base, lockfd, lockfile); } if (locked && lockfd >= 0) { @@ -238,7 +238,7 @@ client_main(struct event_base *base, int argc, char **argv, int flags) struct cmd_parse_result *pr; struct cmd *cmd; struct msg_command *data; - int cmdflags, fd, i; + int fd, i; const char *ttynam, *cwd; pid_t ppid; enum msgtype msg; @@ -248,17 +248,13 @@ client_main(struct event_base *base, int argc, char **argv, int flags) /* Ignore SIGCHLD now or daemon() in the server will leave a zombie. */ signal(SIGCHLD, SIG_IGN); - /* Save the flags. */ - client_flags = flags; - /* Set up the initial command. */ - cmdflags = 0; if (shell_command != NULL) { msg = MSG_SHELL; - cmdflags = CMD_STARTSERVER; + flags = CLIENT_STARTSERVER; } else if (argc == 0) { msg = MSG_COMMAND; - cmdflags = CMD_STARTSERVER; + flags |= CLIENT_STARTSERVER; } else { msg = MSG_COMMAND; @@ -271,19 +267,22 @@ client_main(struct event_base *base, int argc, char **argv, int flags) if (pr->status == CMD_PARSE_SUCCESS) { TAILQ_FOREACH(cmd, &pr->cmdlist->list, qentry) { if (cmd->entry->flags & CMD_STARTSERVER) - cmdflags |= CMD_STARTSERVER; + flags |= CLIENT_STARTSERVER; } cmd_list_free(pr->cmdlist); } else free(pr->error); } + /* Save the flags. */ + client_flags = flags; + /* Create client process structure (starts logging). */ client_proc = proc_start("client"); proc_set_signals(client_proc, client_signal); /* Initialize the client socket and start the server. */ - fd = client_connect(base, socket_path, cmdflags & CMD_STARTSERVER); + fd = client_connect(base, socket_path, client_flags); if (fd == -1) { if (errno == ECONNREFUSED) { fprintf(stderr, "no server running on %s\n", diff --git a/server.c b/server.c index e75b02da..55430e73 100644 --- a/server.c +++ b/server.c @@ -45,6 +45,7 @@ struct clients clients; struct tmuxproc *server_proc; static int server_fd = -1; +static int server_client_flags; static int server_exit; static struct event server_ev_accept; @@ -98,7 +99,7 @@ server_check_marked(void) /* Create server socket. */ static int -server_create_socket(char **cause) +server_create_socket(int flags, char **cause) { struct sockaddr_un sa; size_t size; @@ -117,7 +118,10 @@ server_create_socket(char **cause) if ((fd = socket(AF_UNIX, SOCK_STREAM, 0)) == -1) goto fail; - mask = umask(S_IXUSR|S_IXGRP|S_IRWXO); + if (flags & CLIENT_DEFAULTSOCKET) + mask = umask(S_IXUSR|S_IXGRP|S_IRWXO); + else + mask = umask(S_IXUSR|S_IRWXG|S_IRWXO); if (bind(fd, (struct sockaddr *)&sa, sizeof sa) == -1) { saved_errno = errno; close(fd); @@ -146,8 +150,8 @@ fail: /* Fork new server. */ int -server_start(struct tmuxproc *client, struct event_base *base, int lockfd, - char *lockfile) +server_start(struct tmuxproc *client, int flags, struct event_base *base, + int lockfd, char *lockfile) { int pair[2]; sigset_t set, oldset; @@ -156,6 +160,7 @@ server_start(struct tmuxproc *client, struct event_base *base, int lockfd, if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, pair) != 0) fatal("socketpair failed"); + server_client_flags = flags; sigfillset(&set); sigprocmask(SIG_BLOCK, &set, &oldset); @@ -193,7 +198,7 @@ server_start(struct tmuxproc *client, struct event_base *base, int lockfd, gettimeofday(&start_time, NULL); - server_fd = server_create_socket(&cause); + server_fd = server_create_socket(flags, &cause); if (server_fd != -1) server_update_socket(); c = server_client_create(pair[1]); @@ -396,7 +401,7 @@ server_signal(int sig) break; case SIGUSR1: event_del(&server_ev_accept); - fd = server_create_socket(NULL); + fd = server_create_socket(server_client_flags, NULL); if (fd != -1) { close(server_fd); server_fd = fd; diff --git a/tmux.c b/tmux.c index 6572ad4e..572e705c 100644 --- a/tmux.c +++ b/tmux.c @@ -379,12 +379,15 @@ main(int argc, char **argv) path[strcspn(path, ",")] = '\0'; } } - if (path == NULL && (path = make_label(label, &cause)) == NULL) { - if (cause != NULL) { - fprintf(stderr, "%s\n", cause); - free(cause); + if (path == NULL) { + if ((path = make_label(label, &cause)) == NULL) { + if (cause != NULL) { + fprintf(stderr, "%s\n", cause); + free(cause); + } + exit(1); } - exit(1); + flags |= CLIENT_DEFAULTSOCKET; } socket_path = path; free(label); diff --git a/tmux.h b/tmux.h index 67cecd6b..e4e23fcf 100644 --- a/tmux.h +++ b/tmux.h @@ -1577,6 +1577,8 @@ struct client { #define CLIENT_REDRAWSTATUSALWAYS 0x1000000 #define CLIENT_REDRAWOVERLAY 0x2000000 #define CLIENT_CONTROL_NOOUTPUT 0x4000000 +#define CLIENT_DEFAULTSOCKET 0x8000000 +#define CLIENT_STARTSERVER 0x10000000 #define CLIENT_ALLREDRAWFLAGS \ (CLIENT_REDRAWWINDOW| \ CLIENT_REDRAWSTATUS| \ @@ -2200,7 +2202,7 @@ void server_clear_marked(void); int server_is_marked(struct session *, struct winlink *, struct window_pane *); int server_check_marked(void); -int server_start(struct tmuxproc *, struct event_base *, int, char *); +int server_start(struct tmuxproc *, int, struct event_base *, int, char *); void server_update_socket(void); void server_add_accept(int);