From 3c39c277bd275200a7c9efefa9f6d16217adb2a6 Mon Sep 17 00:00:00 2001 From: Geir Hauge Date: Tue, 11 Dec 2012 13:41:48 +0000 Subject: [PATCH] Make sure the EDITOR does not have access to the mysql socket --- mysql-dbadm.c | 57 ++++++++++++++++++++++++++++++++++++++++----------- 1 file changed, 45 insertions(+), 12 deletions(-) diff --git a/mysql-dbadm.c b/mysql-dbadm.c index 7bf3585..38eba14 100644 --- a/mysql-dbadm.c +++ b/mysql-dbadm.c @@ -376,7 +376,6 @@ editperm(MYSQL *pmysql, const char *db) char fn[] = "/tmp/mysql-dbadm.tmp.XXXXXX"; FILE *f; char *editor; - char cmd[1024]; /* shell command for editing the file */ char line[1024]; /* buffer to hold one line */ char *cp; /* used to interate through a line */ char *user, *select_priv, *insert_priv, *update_priv, *delete_priv, @@ -386,8 +385,11 @@ editperm(MYSQL *pmysql, const char *db) char *queries[MAX_GRANTS]; /* insert queries */ int lines; /* number of grant lines processed */ int i; /* iterate through lines[] */ + int fd; + pid_t pid; + int exit_status = -1; - int fd = mkstemp(fn); + fd = mkstemp(fn); if (fd == -1) return dberror(NULL, "Cannot create a unique temporary file name."); @@ -398,17 +400,46 @@ editperm(MYSQL *pmysql, const char *db) writeperm(f, pmysql, db); fclose(f); - editor = getenv("EDITOR"); - if (!editor) - editor = "pico"; /* OK since editor won't be freed */ - strcpy(cmd, editor); - strcat(cmd, " "); - strcat(cmd, fn); - if (system(cmd) == -1) { - dberror(NULL, "Failed to execute '%s'\n", cmd); - perror("system"); - return 1; + pid = fork(); + if ( pid < 0 ) + { + perror("Failed to fork"); + exit(2); } + else if ( pid != 0 ) + { + int status = 0; + while ( waitpid(pid, &status, 0) ) + { + if (WIFEXITED(status)) + { + exit_status = WEXITSTATUS(status); + break; + } + } + } + else + { + /* Should not have access to the mysql socket here */ + if (close(pmysql->net.fd) != 0) + { + perror("Failed to close fd"); + exit(1); + } + + editor = getenv("EDITOR"); + if (!editor) + editor = "pico"; /* OK since editor won't be freed */ + + execlp(editor, editor, fn, NULL); + perror("Failed to execute editor"); + fprintf(stderr, "Make sure the EDITOR environment variable contains" + " a valid editor\n"); + exit(1); + } + + if (exit_status != 0) + return 1; /* parse */ f = fopen(fn, "r"); @@ -534,6 +565,8 @@ editperm(MYSQL *pmysql, const char *db) dberror(pmysql, "Failed to insert grant line %d.", i + 1); free(queries[i]); } + + fprintf(stderr,"Permissions updated\n"); return 0; }