mirrors/cosmopolitan
1
0
Fork 0
mirror of https://github.com/jart/cosmopolitan.git synced 2025-01-31 19:43:32 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
cosmopolitan/test/libc/calls
History
Jōshin f94c11d978
Loader path security (#1012) 
The ape loader now passes the program executable name directly as a
register. `x2` is used on aarch64, `%rdx` on x86_64. This is passed
as the third argument to `cosmo()` (M1) or `Launch` (non-M1) and is
assigned to the global `__program_executable_name`.

`GetProgramExecutableName` now returns this global's value, setting
it if it is initially null. `InitProgramExecutableName` first tries
exotic, secure methods: `KERN_PROC_PATHNAME` on FreeBSD/NetBSD, and
`/proc` on Linux. If those produce a reasonable response (i.e., not
`"/usr/bin/ape"`, which happens with the loader before this change),
that is used. Otherwise, if `issetugid()`, the empty string is used.
Otherwise, the old argv/envp parsing code is run.

The value returned from the loader is always the full absolute path
of the binary to be executed, having passed through `realpath`. For
the non-M1 loader, this necessitated writing `RealPath`, which uses
`readlinkat` of `"/proc/self/fd/[progfd]"` on Linux, `F_GETPATH` on
Xnu, and the `__realpath` syscall on OpenBSD. On FreeBSD/NetBSD, it
punts to `GetProgramExecutableName`, which is secure on those OSes.

With the loader, all platforms now have a secure program executable
name. With no loader or an old loader, everything still works as it
did, but setuid/setgid is not supported if the insecure pathfinding
code would have been needed.

Fixes #991.
2023-12-15 12:23:58 -05:00
..
access_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
BUILD.mk Fix more vi modelines (#1006) 2023-12-13 02:28:11 -05:00
cachestat_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
chdir_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
clock_getres_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
clock_gettime_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
clock_nanosleep_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
closefrom_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
commandv_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
copy_file_range_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
dup_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
fchdir_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
fchmod_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
fchmodat_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
fcntl_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
fileexists_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
ftruncate_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
getcontext_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
getcwd_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
getgroups_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
getitimer_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
getprogramexecutablename_test.c Loader path security (#1012) 2023-12-15 12:23:58 -05:00
getrandom_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
ioctl_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
life.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
lock2_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
lock_ofd_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
lock_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
lseek_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
makedirs_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
mkdir_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
mkntcmdline_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
mkntenvblock_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
mkntpath_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
open_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
openatemp_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
openbsd_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
pipe_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
pledge2_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
pledge_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
poll_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
posix_fadvise_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
pread_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
preadv_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
raise_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
read_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
readansi_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
readlinkat_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
readwrite_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
renameat_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
reservefd_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
sched_setscheduler_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
seccomp_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
setrlimit_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
shm_open_test.c Introduce shm_open() and shm_unlink() 2023-10-31 23:57:52 -07:00
sig_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
sigaction_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
sigbus_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
signal_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
sigpending_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
sigprocmask_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
sigsuspend_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
sigtimedwait_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
specialfile_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
splice_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
stackoverflow1_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
stackoverflow2_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
stackoverflow3_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
stackoverflow4_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
stat_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
statfs_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
symlinkat_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
timespec_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
tiny64.elf Bump support up to FreeBSD 13 and NetBSD 9.2 2022-06-11 10:36:17 -07:00
unlinkat_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
unveil_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
utimensat_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
vfork_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
write_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
writev_test.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00
zipread.c flip et / noet in modelines 2023-12-07 22:17:11 -05:00