Fix: setuid/setgid daemons should not get sensitive env. var./args

[lttng-tools.git] / src / bin / lttng / lttng.c

diff --git a/src/bin/lttng/lttng.c b/src/bin/lttng/lttng.c
index a676be825684d5bd70d34753feb72343ef639322..8e5bb0fd468cd52b670f8dfef3b62250b7ec5aed 100644 (file)
--- a/src/bin/lttng/lttng.c
+++ b/src/bin/lttng/lttng.c
@@ -16,6 +16,7 @@
  */
 
 #define _GNU_SOURCE
+#define _LGPL_SOURCE
 #include <getopt.h>
 #include <signal.h>
 #include <stdio.h>
@@ -29,6 +30,7 @@
 
 #include <lttng/lttng.h>
 #include <common/error.h>
+#include <common/compat/getenv.h>
 
 #include "command.h"
 
@@ -83,8 +85,6 @@ static struct cmd_struct commands[] =  {
        { "snapshot", cmd_snapshot},
        { "save", cmd_save},
        { "load", cmd_load},
-       { "enable-consumer", cmd_enable_consumer}, /* OBSOLETE */
-       { "disable-consumer", cmd_disable_consumer}, /* OBSOLETE */
        { NULL, NULL}   /* Array closure */
 };
 
@@ -239,7 +239,7 @@ static int set_signal_handler(void)
        sigset_t sigset;
 
        if ((ret = sigemptyset(&sigset)) < 0) {
-               perror("sigemptyset");
+               PERROR("sigemptyset");
                goto end;
        }
 
@@ -247,17 +247,17 @@ static int set_signal_handler(void)
        sa.sa_mask = sigset;
        sa.sa_flags = 0;
        if ((ret = sigaction(SIGUSR1, &sa, NULL)) < 0) {
-               perror("sigaction");
+               PERROR("sigaction");
                goto end;
        }
 
        if ((ret = sigaction(SIGTERM, &sa, NULL)) < 0) {
-               perror("sigaction");
+               PERROR("sigaction");
                goto end;
        }
 
        if ((ret = sigaction(SIGCHLD, &sa, NULL)) < 0) {
-               perror("sigaction");
+               PERROR("sigaction");
                goto end;
        }
 
@@ -325,7 +325,7 @@ static int spawn_sessiond(char *pathname)
                if (errno == ENOENT) {
                        ERR("No session daemon found. Use --sessiond-path.");
                } else {
-                       perror("execlp");
+                       PERROR("execlp");
                }
                kill(getppid(), SIGTERM);       /* wake parent */
                exit(EXIT_FAILURE);
@@ -351,7 +351,7 @@ static int spawn_sessiond(char *pathname)
                }
                goto end;
        } else {
-               perror("fork");
+               PERROR("fork");
                ret = -1;
                goto end;
        }
@@ -446,6 +446,11 @@ static int parse_args(int argc, char **argv)
        int opt, ret;
        char *user;
 
+       if (lttng_is_setuid_setgid()) {
+               ERR("'%s' is not allowed to be executed as a setuid/setgid binary for security reasons. Aborting.", argv[0]);
+               clean_exit(EXIT_FAILURE);
+       }
+
        if (argc < 2) {
                usage(stderr);
                clean_exit(EXIT_FAILURE);
@@ -485,9 +490,17 @@ static int parse_args(int argc, char **argv)
                        break;
                case OPT_SESSION_PATH:
                        opt_sessiond_path = strdup(optarg);
+                       if (!opt_sessiond_path) {
+                               ret = -1;
+                               goto error;
+                       }
                        break;
                case OPT_RELAYD_PATH:
                        opt_relayd_path = strdup(optarg);
+                       if (!opt_relayd_path) {
+                               ret = -1;
+                               goto error;
+                       }
                        break;
                case OPT_DUMP_OPTIONS:
                        list_options(stdout);