From 711ef81bfba7c95cf8da71f0086d9514164cf3ce Mon Sep 17 00:00:00 2001 From: Jakob Unterwurzacher Date: Sun, 13 Jan 2019 14:05:03 +0100 Subject: macos: filter SUID and SGID bits in OpenatUser, MknodatUser, MkdiratUser When gocryptfs runs as root, we don't want to allow people to create SUID root files. --- internal/syscallcompat/sys_darwin.go | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'internal/syscallcompat') diff --git a/internal/syscallcompat/sys_darwin.go b/internal/syscallcompat/sys_darwin.go index 52803ab..5c855d8 100644 --- a/internal/syscallcompat/sys_darwin.go +++ b/internal/syscallcompat/sys_darwin.go @@ -48,6 +48,9 @@ func Openat(dirfd int, path string, flags int, mode uint32) (fd int, err error) func OpenatUser(dirfd int, path string, flags int, mode uint32, context *fuse.Context) (fd int, err error) { // FIXME: take into account context.Owner + // Until we have that, filter SUID and SGID bits: + mode = filterSuidSgid(mode) + return Openat(dirfd, path, flags, mode) } @@ -65,6 +68,9 @@ func Mknodat(dirfd int, path string, mode uint32, dev int) (err error) { func MknodatUser(dirfd int, path string, mode uint32, dev int, context *fuse.Context) (err error) { // FIXME: take into account context.Owner + // Until we have that, filter SUID and SGID bits: + mode = filterSuidSgid(mode) + return Mknodat(dirfd, path, mode, dev) } @@ -91,6 +97,9 @@ func Mkdirat(dirfd int, path string, mode uint32) (err error) { func MkdiratUser(dirfd int, path string, mode uint32, context *fuse.Context) (err error) { // FIXME: take into account context.Owner + // Until we have that, filter SUID and SGID bits: + mode = filterSuidSgid(mode) + return Mkdirat(dirfd, path, mode) } @@ -101,3 +110,8 @@ func Fstatat(dirfd int, path string, stat *unix.Stat_t, flags int) (err error) { func Getdents(fd int) ([]fuse.DirEntry, error) { return emulateGetdents(fd) } + +// filterSuidSgid removes SUID and SGID bits from "mode". +func filterSuidSgid(mode uint32) uint32 { + return mode & ^uint32(syscall.S_ISGID|syscall.S_ISUID) +} -- cgit v1.2.3