components/apache24/patches/priv_drop.patch
author Stefan Teleman <stefan.teleman@oracle.com>
Mon, 16 Mar 2015 13:28:51 -0700
changeset 3955 4e310c8109a5
parent 2079 46ce7840065c
child 5828 5009deba8bc0
child 6722 f675056be479
permissions -rw-r--r--
20461144 LIBSTDCXX should have some master test results to compare against 20021138 stdcxx fails to build with studio 12.4 fcs 20460634 NEON should have some master test results to compare against 20460896 OCAML has no tests and no master test results files 19931870 "gmake test" failures for libneon
Patch origin: in-house
Patch status: Solaris-specific; not suitable for upstream
Drops extra privilege which was given via SMF manifest file.
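--- a/server/main.c
+++ b/server/main.c
@@ -45,6 +45,8 @@
 #include <unistd.h>
 #endif
 
+#include <priv.h>
+
 /* WARNING: Win32 binds http_main.c dynamically to the server. Please place
  *          extern functions and global data in another appropriate module.
  *
@@ -452,6 +454,7 @@
     apr_status_t rv;
     module **mod;
     const char *opt_arg;
+    priv_set_t *tset;
     APR_OPTIONAL_FN_TYPE(ap_signal_server) *signal_server;
 
     AP_MONCONTROL(0); /* turn off profiling of startup */
@@ -788,6 +806,17 @@
 
         ap_run_optional_fn_retrieve();
 
+
+        /* here we drop privileges we won't need any more */
+        tset = priv_allocset();
+        priv_emptyset(tset);
+        priv_addset(tset, PRIV_NET_PRIVADDR);
+        if (setppriv(PRIV_OFF, PRIV_PERMITTED, tset) != 0) {
+           ap_log_error(APLOG_MARK, APLOG_EMERG, 0, NULL,
+                         APLOGNO(00021) "Unable to drop unneeded privilege.");
+            destroy_and_exit_process(process, 1);
+        }
+
         ap_main_state = AP_SQ_MS_RUN_MPM;
         if (ap_run_mpm(pconf, plog, ap_server_conf) != OK)
             break;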
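Review bot: `priv_allocset()` can return NULL and `priv_addset()` can fail, but the third hunk hands `tset` straight to `priv_emptyset()` and ignores the `priv_addset()` result, so an allocation failure never reaches the error path that the `setppriv()` check provides. The set is also never released with `priv_freeset(tset)`; the trailing `break;` suggests this code sits inside main()'s restart loop (the loop itself is outside the hunk), in which case each pass would allocate another set. Separately, only `PRIV_PERMITTED` is cleared: if the SMF method context also places the privilege in the inheritable set, a program exec'd later by the server could get it back, so it is worth confirming against the manifest whether `PRIV_INHERITABLE` should be cleared too.

```c
        /* here we drop privileges we won't need any more */
        tset = priv_allocset();
        if (tset == NULL) {
            /* needs its own APLOGNO tag */
            ap_log_error(APLOG_MARK, APLOG_EMERG, 0, NULL,
                         "Unable to allocate privilege set.");
            destroy_and_exit_process(process, 1);
        }
        priv_emptyset(tset);
        if (priv_addset(tset, PRIV_NET_PRIVADDR) != 0
            || setppriv(PRIV_OFF, PRIV_PERMITTED, tset) != 0) {
            /* … unchanged: ap_log_error + destroy_and_exit_process … */
        }
        priv_freeset(tset);
```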