SUID comments, review

author: Christian Grothoff <christian@grothoff.org> 2010-02-06 23:23:14 +0000
committer: Christian Grothoff <christian@grothoff.org> 2010-02-06 23:23:14 +0000
commit: 8721bed1d8c889b98020870d5453e6648355b3bd (patch)
tree: 98dedbc4d9b19186a83bf9b6ea3f97cce5cb4d43 /src
parent: 94229794b52dd866fe7d27ffbed20da18934087d (diff)
download: gnunet-8721bed1d8c889b98020870d5453e6648355b3bd.tar.gz
gnunet-8721bed1d8c889b98020870d5453e6648355b3bd.zip
3 files changed, 45 insertions, 1 deletions
diff --git a/src/transport/Makefile.am b/src/transport/Makefile.am
index 4294075fa..afcd60bc5 100644
--- a/src/transport/Makefile.am
+++ b/src/transport/Makefile.am
@@ -10,6 +10,13 @@ if USE_COVERAGE
  AM_CFLAGS = --coverage -O0
 endif
+if LINUX
+NATBIN = gnunet-nat-server gnunet-nat-client
+install-exec-hook:
+        chown root $(bindir)/gnunet-nat-server $(bindir)/gnunet-nat-client || true
+        chmod u+s $(bindir)/gnunet-nat-server $(bindir)/gnunet-nat-client || true
+endif
 lib_LTLIBRARIES = \
  libgnunettransport.la
@@ -29,7 +36,14 @@ libgnunettransport_la_LDFLAGS = \
 bin_PROGRAMS = \
 gnunet-transport \
- gnunet-service-transport 
+ gnunet-service-transport $(NATBIN)
+gnunet_nat_server_SOURCES = \
+ gnunet-nat-server.c         
+gnunet_nat_client_SOURCES = \
+ gnunet-nat-client.c         
 gnunet_transport_SOURCES = \
diff --git a/src/transport/gnunet-nat-client.c b/src/transport/gnunet-nat-client.c
index ba99c8816..42af5ca77 100644
--- a/src/transport/gnunet-nat-client.c
+++ b/src/transport/gnunet-nat-client.c
@@ -23,6 +23,21 @@
 * @brief Tool to help bypass NATs using ICMP method; must run as root (SUID will do)
 *        This code will work under GNU/Linux only.  
 * @author Christian Grothoff
+ *
+ * This program will send ONE ICMP message using RAW sockets
+ * to the IP address specified as the second argument.  Since
+ * it uses RAW sockets, it must be installed SUID or run as 'root'.
+ * In order to keep the security risk of the resulting SUID binary
+ * minimal, the program ONLY opens the RAW socket with root
+ * priviledges, then drops them and only then starts to process
+ * command line arguments.  The code also does not link against
+ * any shared libraries (except libc) and is strictly minimal
+ * (except for checking for errors).  The following list of people
+ * have reviewed this code and considered it safe since the last
+ * modification (if you reviewed it, please have your name added
+ * to the list):
+ *
+ * - Christian Grothoff
 */
 #define _GNU_SOURCE
 #include <sys/types.h> 
diff --git a/src/transport/gnunet-nat-server.c b/src/transport/gnunet-nat-server.c
index 225c0af5f..333c0d642 100644
--- a/src/transport/gnunet-nat-server.c
+++ b/src/transport/gnunet-nat-server.c
@@ -23,6 +23,21 @@
 * @brief Tool to help bypass NATs using ICMP method; must run as root (SUID will do)
 *        This code will work under GNU/Linux only (or maybe BSDs, but never W32)
 * @author Christian Grothoff
+ *
+ * This program will send ONE ICMP message every 500 ms RAW sockets
+ * to a DUMMY IP address and also listens for ICMP replies.  Since
+ * it uses RAW sockets, it must be installed SUID or run as 'root'.
+ * In order to keep the security risk of the resulting SUID binary
+ * minimal, the program ONLY opens the two RAW sockets with root
+ * priviledges, then drops them and only then starts to process
+ * command line arguments.  The code also does not link against
+ * any shared libraries (except libc) and is strictly minimal
+ * (except for checking for errors).  The following list of people
+ * have reviewed this code and considered it safe since the last
+ * modification (if you reviewed it, please have your name added
+ * to the list):
+ *
+ * - Christian Grothoff
 */
 #define _GNU_SOURCE
 #include <sys/types.h>
author	Christian Grothoff <christian@grothoff.org>	2010-02-06 23:23:14 +0000
committer	Christian Grothoff <christian@grothoff.org>	2010-02-06 23:23:14 +0000
commit	8721bed1d8c889b98020870d5453e6648355b3bd (patch)
tree	98dedbc4d9b19186a83bf9b6ea3f97cce5cb4d43 /src
parent	94229794b52dd866fe7d27ffbed20da18934087d (diff)
download	gnunet-8721bed1d8c889b98020870d5453e6648355b3bd.tar.gz gnunet-8721bed1d8c889b98020870d5453e6648355b3bd.zip

diff --git a/src/transport/Makefile.am b/src/transport/Makefile.am index 4294075fa..afcd60bc5 100644 --- a/src/transport/Makefile.am +++ b/src/transport/Makefile.am
@@ -10,6 +10,13 @@ if USE_COVERAGE
10	AM_CFLAGS = --coverage -O0	10	AM_CFLAGS = --coverage -O0
11	endif	11	endif
12		12
		13	if LINUX
		14	NATBIN = gnunet-nat-server gnunet-nat-client
		15	install-exec-hook:
		16	chown root $(bindir)/gnunet-nat-server $(bindir)/gnunet-nat-client \|\| true
		17	chmod u+s $(bindir)/gnunet-nat-server $(bindir)/gnunet-nat-client \|\| true
		18	endif
		19
13		20
14	lib_LTLIBRARIES = \	21	lib_LTLIBRARIES = \
15	libgnunettransport.la	22	libgnunettransport.la
@@ -29,7 +36,14 @@ libgnunettransport_la_LDFLAGS = \
29		36
30	bin_PROGRAMS = \	37	bin_PROGRAMS = \
31	gnunet-transport \	38	gnunet-transport \
32	gnunet-service-transport	39	gnunet-service-transport $(NATBIN)
		40
		41
		42	gnunet_nat_server_SOURCES = \
		43	gnunet-nat-server.c
		44
		45	gnunet_nat_client_SOURCES = \
		46	gnunet-nat-client.c
33		47
34		48
35	gnunet_transport_SOURCES = \	49	gnunet_transport_SOURCES = \


diff --git a/src/transport/gnunet-nat-client.c b/src/transport/gnunet-nat-client.c index ba99c8816..42af5ca77 100644 --- a/src/transport/gnunet-nat-client.c +++ b/src/transport/gnunet-nat-client.c
@@ -23,6 +23,21 @@
23	* @brief Tool to help bypass NATs using ICMP method; must run as root (SUID will do)	23	* @brief Tool to help bypass NATs using ICMP method; must run as root (SUID will do)
24	* This code will work under GNU/Linux only.	24	* This code will work under GNU/Linux only.
25	* @author Christian Grothoff	25	* @author Christian Grothoff
		26	*
		27	* This program will send ONE ICMP message using RAW sockets
		28	* to the IP address specified as the second argument. Since
		29	* it uses RAW sockets, it must be installed SUID or run as 'root'.
		30	* In order to keep the security risk of the resulting SUID binary
		31	* minimal, the program ONLY opens the RAW socket with root
		32	* priviledges, then drops them and only then starts to process
		33	* command line arguments. The code also does not link against
		34	* any shared libraries (except libc) and is strictly minimal
		35	* (except for checking for errors). The following list of people
		36	* have reviewed this code and considered it safe since the last
		37	* modification (if you reviewed it, please have your name added
		38	* to the list):
		39	*
		40	* - Christian Grothoff
26	*/	41	*/
27	#define _GNU_SOURCE	42	#define _GNU_SOURCE
28	#include <sys/types.h>	43	#include <sys/types.h>


diff --git a/src/transport/gnunet-nat-server.c b/src/transport/gnunet-nat-server.c index 225c0af5f..333c0d642 100644 --- a/src/transport/gnunet-nat-server.c +++ b/src/transport/gnunet-nat-server.c
@@ -23,6 +23,21 @@
23	* @brief Tool to help bypass NATs using ICMP method; must run as root (SUID will do)	23	* @brief Tool to help bypass NATs using ICMP method; must run as root (SUID will do)
24	* This code will work under GNU/Linux only (or maybe BSDs, but never W32)	24	* This code will work under GNU/Linux only (or maybe BSDs, but never W32)
25	* @author Christian Grothoff	25	* @author Christian Grothoff
		26	*
		27	* This program will send ONE ICMP message every 500 ms RAW sockets
		28	* to a DUMMY IP address and also listens for ICMP replies. Since
		29	* it uses RAW sockets, it must be installed SUID or run as 'root'.
		30	* In order to keep the security risk of the resulting SUID binary
		31	* minimal, the program ONLY opens the two RAW sockets with root
		32	* priviledges, then drops them and only then starts to process
		33	* command line arguments. The code also does not link against
		34	* any shared libraries (except libc) and is strictly minimal
		35	* (except for checking for errors). The following list of people
		36	* have reviewed this code and considered it safe since the last
		37	* modification (if you reviewed it, please have your name added
		38	* to the list):
		39	*
		40	* - Christian Grothoff
26	*/	41	*/
27	#define _GNU_SOURCE	42	#define _GNU_SOURCE
28	#include <sys/types.h>	43	#include <sys/types.h>