ARCHIVE/hpcore
1
0
Fork 0
mirror of https://github.com/EvernodeXRPL/hpcore.git synced 2026-04-29 15:37:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

Perform contract setuid just before execv. (#332)

Browse Source
This commit is contained in:
Ravin Perera
2021-07-15 09:26:20 +05:30
committed by GitHub
parent 4790c7951c
commit 7b909ed005
1 changed files with 8 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
src/sc/sc.cpp
View File

@@ -168,13 +168,6 @@ namespace sc
// Set up the process environment and overlay the contract binary program with execv().
// Set user execution user/group if specified (Must set gid before setting uid).
if (!conf::cfg.contract.run_as.empty() && (setgid(conf::cfg.contract.run_as.gid) == -1 || setuid(conf::cfg.contract.run_as.uid) == -1))
{
std::cerr << errno << ": Contract process setgid/uid failed." << (ctx.args.readonly ? " (rdonly)" : "") << "\n";
exit(1);
}
if (create_contract_log_files(ctx) == -1)
{
std::cerr << errno << ": Contract process output redirection failed." << (ctx.args.readonly ? " (rdonly)" : "") << "\n";
@@ -222,6 +215,14 @@ namespace sc
exit(1);
}
// Just before we execv the contract binary, we set user execution user/group if specified in hp config.
// (Must set gid before setting uid)
if (!conf::cfg.contract.run_as.empty() && (setgid(conf::cfg.contract.run_as.gid) == -1 || setuid(conf::cfg.contract.run_as.uid) == -1))
{
std::cerr << errno << ": Contract process setgid/uid failed." << (ctx.args.readonly ? " (rdonly)" : "") << "\n";
exit(1);
}
execv(execv_args[0], execv_args);
std::cerr << errno << ": Contract process execv failed." << (ctx.args.readonly ? " (rdonly)" : "") << "\n";
exit(1);