[lttng-ust.git] / liblttng-ust / getenv.c

/*
 * Copyright (C) 2017 - Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; only
 * version 2.1 of the License.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
 */

#include <stdlib.h>
#include <unistd.h>
#include <stdbool.h>
#include <sys/types.h>
#include <usterr-signal-safe.h>
#include <helper.h>
#include "getenv.h"

enum lttng_env_secure {
	LTTNG_ENV_SECURE,
	LTTNG_ENV_NOT_SECURE,
};

struct lttng_env {
	const char *key;
	enum lttng_env_secure secure;
	char *value;
};

static struct lttng_env lttng_env[] = {
	/*
	 * LTTNG_UST_DEBUG is used directly by snprintf, because it
	 * needs to be already set for ERR() used in
	 * lttng_ust_getenv_init().
	 */
	{ "LTTNG_UST_DEBUG", LTTNG_ENV_NOT_SECURE, NULL, },

	/* Env. var. which can be used in setuid/setgid executables. */
	{ "LTTNG_UST_WITHOUT_BADDR_STATEDUMP", LTTNG_ENV_NOT_SECURE, NULL, },
	{ "LTTNG_UST_REGISTER_TIMEOUT", LTTNG_ENV_NOT_SECURE, NULL, },

	/* Env. var. which are not fetched in setuid/setgid executables. */
	{ "LTTNG_UST_CLOCK_PLUGIN", LTTNG_ENV_SECURE, NULL, },
	{ "LTTNG_UST_GETCPU_PLUGIN", LTTNG_ENV_SECURE, NULL, },
	{ "LTTNG_UST_ALLOW_BLOCKING", LTTNG_ENV_SECURE, NULL, },
	{ "HOME", LTTNG_ENV_SECURE, NULL, },
	{ "LTTNG_HOME", LTTNG_ENV_SECURE, NULL, },
};

static
int lttng_is_setuid_setgid(void)
{
	return geteuid() != getuid() || getegid() != getgid();
}

char *lttng_getenv(const char *name)
{
	size_t i;
	struct lttng_env *e;
	bool found = false;

	for (i = 0; i < LTTNG_ARRAY_SIZE(lttng_env); i++) {
		e = &lttng_env[i];

		if (strcmp(e->key, name) == 0) {
			found = true;
			break;
		}
	}
	if (!found) {
		return NULL;
	}
	return e->value;
}

void lttng_ust_getenv_init(void)
{
	size_t i;

	for (i = 0; i < LTTNG_ARRAY_SIZE(lttng_env); i++) {
		struct lttng_env *e = &lttng_env[i];

		if (e->secure == LTTNG_ENV_SECURE && lttng_is_setuid_setgid()) {
			ERR("Getting environment variable '%s' from setuid/setgid binary refused for security reasons.",
				e->key);
			continue;
		}
		e->value = getenv(e->key);
	}
}
Commit	Line	Data
6f626d28 MD	1	/*
	2	* Copyright (C) 2017 - Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
	3	*
	4	* This library is free software; you can redistribute it and/or
	5	* modify it under the terms of the GNU Lesser General Public
	6	* License as published by the Free Software Foundation; only
	7	* version 2.1 of the License.
	8	*
	9	* This library is distributed in the hope that it will be useful,
	10	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	11	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	12	* Lesser General Public License for more details.
	13	*
	14	* You should have received a copy of the GNU Lesser General Public
	15	* License along with this library; if not, write to the Free Software
	16	* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
	17	*/
	18
	19	#include <stdlib.h>
	20	#include <unistd.h>
	21	#include <stdbool.h>
	22	#include <sys/types.h>
	23	#include <usterr-signal-safe.h>
	24	#include <helper.h>
	25	#include "getenv.h"
	26
	27	enum lttng_env_secure {
	28	LTTNG_ENV_SECURE,
	29	LTTNG_ENV_NOT_SECURE,
	30	};
	31
	32	struct lttng_env {
	33	const char *key;
	34	enum lttng_env_secure secure;
	35	char *value;
	36	};
	37
	38	static struct lttng_env lttng_env[] = {
	39	/*
	40	* LTTNG_UST_DEBUG is used directly by snprintf, because it
	41	* needs to be already set for ERR() used in
	42	* lttng_ust_getenv_init().
	43	*/
	44	{ "LTTNG_UST_DEBUG", LTTNG_ENV_NOT_SECURE, NULL, },
	45
	46	/* Env. var. which can be used in setuid/setgid executables. */
	47	{ "LTTNG_UST_WITHOUT_BADDR_STATEDUMP", LTTNG_ENV_NOT_SECURE, NULL, },
	48	{ "LTTNG_UST_REGISTER_TIMEOUT", LTTNG_ENV_NOT_SECURE, NULL, },
	49
	50	/* Env. var. which are not fetched in setuid/setgid executables. */
	51	{ "LTTNG_UST_CLOCK_PLUGIN", LTTNG_ENV_SECURE, NULL, },
	52	{ "LTTNG_UST_GETCPU_PLUGIN", LTTNG_ENV_SECURE, NULL, },
b2c5f61a	53	{ "LTTNG_UST_ALLOW_BLOCKING", LTTNG_ENV_SECURE, NULL, },
6f626d28 MD	54	{ "HOME", LTTNG_ENV_SECURE, NULL, },
	55	{ "LTTNG_HOME", LTTNG_ENV_SECURE, NULL, },
	56	};
	57
	58	static
	59	int lttng_is_setuid_setgid(void)
	60	{
	61	return geteuid() != getuid() \|\| getegid() != getgid();
	62	}
	63
	64	char lttng_getenv(const char name)
	65	{
	66	size_t i;
	67	struct lttng_env *e;
	68	bool found = false;
	69
	70	for (i = 0; i < LTTNG_ARRAY_SIZE(lttng_env); i++) {
	71	e = &lttng_env[i];
	72
	73	if (strcmp(e->key, name) == 0) {
	74	found = true;
	75	break;
	76	}
	77	}
	78	if (!found) {
	79	return NULL;
	80	}
	81	return e->value;
	82	}
	83
	84	void lttng_ust_getenv_init(void)
	85	{
	86	size_t i;
	87
	88	for (i = 0; i < LTTNG_ARRAY_SIZE(lttng_env); i++) {
	89	struct lttng_env *e = &lttng_env[i];
	90
	91	if (e->secure == LTTNG_ENV_SECURE && lttng_is_setuid_setgid()) {
	92	ERR("Getting environment variable '%s' from setuid/setgid binary refused for security reasons.",
	93	e->key);
	94	continue;
	95	}
	96	e->value = getenv(e->key);
	97	}
	98	}