Fix: setuid/setgid daemons should not get sensitive env. var./args
[lttng-tools.git] / src / bin / lttng / lttng.c
index 34ccd59c517a6a737f8953cc717f4de28e8f9f60..8e5bb0fd468cd52b670f8dfef3b62250b7ec5aed 100644 (file)
@@ -30,6 +30,7 @@
 
 #include <lttng/lttng.h>
 #include <common/error.h>
+#include <common/compat/getenv.h>
 
 #include "command.h"
 
@@ -238,7 +239,7 @@ static int set_signal_handler(void)
        sigset_t sigset;
 
        if ((ret = sigemptyset(&sigset)) < 0) {
-               perror("sigemptyset");
+               PERROR("sigemptyset");
                goto end;
        }
 
@@ -246,17 +247,17 @@ static int set_signal_handler(void)
        sa.sa_mask = sigset;
        sa.sa_flags = 0;
        if ((ret = sigaction(SIGUSR1, &sa, NULL)) < 0) {
-               perror("sigaction");
+               PERROR("sigaction");
                goto end;
        }
 
        if ((ret = sigaction(SIGTERM, &sa, NULL)) < 0) {
-               perror("sigaction");
+               PERROR("sigaction");
                goto end;
        }
 
        if ((ret = sigaction(SIGCHLD, &sa, NULL)) < 0) {
-               perror("sigaction");
+               PERROR("sigaction");
                goto end;
        }
 
@@ -324,7 +325,7 @@ static int spawn_sessiond(char *pathname)
                if (errno == ENOENT) {
                        ERR("No session daemon found. Use --sessiond-path.");
                } else {
-                       perror("execlp");
+                       PERROR("execlp");
                }
                kill(getppid(), SIGTERM);       /* wake parent */
                exit(EXIT_FAILURE);
@@ -350,7 +351,7 @@ static int spawn_sessiond(char *pathname)
                }
                goto end;
        } else {
-               perror("fork");
+               PERROR("fork");
                ret = -1;
                goto end;
        }
@@ -445,6 +446,11 @@ static int parse_args(int argc, char **argv)
        int opt, ret;
        char *user;
 
+       if (lttng_is_setuid_setgid()) {
+               ERR("'%s' is not allowed to be executed as a setuid/setgid binary for security reasons. Aborting.", argv[0]);
+               clean_exit(EXIT_FAILURE);
+       }
+
        if (argc < 2) {
                usage(stderr);
                clean_exit(EXIT_FAILURE);
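Review bot: The new setuid/setgid guard at the top of parse_args passes `argv[0]` to `%s` before the `argc < 2` check, so a caller that execs the binary with an empty argument vector hands the format a NULL pointer. This is exactly the elevated-privilege path, where the caller controls argv. Guard the argument, for example `ERR("'%s' is not allowed to be executed as a setuid/setgid binary for security reasons. Aborting.", (argc > 0 && argv[0]) ? argv[0] : "lttng");`. Separately, because the refusal lives in parse_args rather than at the start of main, anything main does earlier (signal setup, environment reads) would still run with elevated privileges. main is not visible here, so it is worth confirming that this check is the first thing executed. parse_args continues outside the hunk.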