* Security: make sure the lock files used by build-remote.pl are not

readable to other users.  Otherwise, any user can open the lock file
  for reading and lock it, thus DoSing the remote build mechanism.
This commit is contained in:
Eelco Dolstra 2011-12-21 19:11:58 +00:00
parent 69d6f0936a
commit 4d728bc3e6

View file

@ -1,6 +1,6 @@
#! @perl@ -w @perlFlags@ #! @perl@ -w @perlFlags@
use Fcntl ':flock'; use Fcntl qw(:DEFAULT :flock);
use English '-no_match_vars'; use English '-no_match_vars';
use IO::Handle; use IO::Handle;
use Nix::Config; use Nix::Config;
@ -56,7 +56,7 @@ sub openSlotLock {
my ($machine, $slot) = @_; my ($machine, $slot) = @_;
my $slotLockFn = "$currentLoad/" . (join '+', @{$machine->{systemTypes}}) . "-" . $machine->{hostName} . "-$slot"; my $slotLockFn = "$currentLoad/" . (join '+', @{$machine->{systemTypes}}) . "-" . $machine->{hostName} . "-$slot";
my $slotLock = new IO::Handle; my $slotLock = new IO::Handle;
open $slotLock, ">>$slotLockFn" or die; sysopen $slotLock, "$slotLockFn", O_RDWR|O_CREAT, 0600 or die;
return $slotLock; return $slotLock;
} }
@ -64,7 +64,7 @@ sub openSlotLock {
# Read the list of machines. # Read the list of machines.
my @machines; my @machines;
if (defined $conf && -e $conf) { if (defined $conf && -e $conf) {
open CONF, "< $conf" or die; open CONF, "<$conf" or die;
while (<CONF>) { while (<CONF>) {
chomp; chomp;
s/\#.*$//g; s/\#.*$//g;
@ -104,7 +104,7 @@ REQ: while (1) {
# Acquire the exclusive lock on $currentLoad/main-lock. # Acquire the exclusive lock on $currentLoad/main-lock.
mkdir $currentLoad, 0777 or die unless -d $currentLoad; mkdir $currentLoad, 0777 or die unless -d $currentLoad;
my $mainLock = "$currentLoad/main-lock"; my $mainLock = "$currentLoad/main-lock";
open MAINLOCK, ">>$mainLock" or die; sysopen MAINLOCK, "$mainLock", O_RDWR|O_CREAT, 0600 or die;
flock(MAINLOCK, LOCK_EX) or die; flock(MAINLOCK, LOCK_EX) or die;
@ -232,7 +232,7 @@ sub removeRoots {
# the same missing path simultaneously, causing the effective network # the same missing path simultaneously, causing the effective network
# bandwidth and target disk speed to be divided by N. # bandwidth and target disk speed to be divided by N.
my $uploadLock = "$currentLoad/$hostName.upload-lock"; my $uploadLock = "$currentLoad/$hostName.upload-lock";
open MAINLOCK, ">>$uploadLock" or die; sysopen MAINLOCK, "$uploadLock", O_RDWR|O_CREAT, 0600 or die;
flock(MAINLOCK, LOCK_EX) or die; flock(MAINLOCK, LOCK_EX) or die;
Nix::CopyClosure::copyTo($hostName, [ @sshOpts ], [ $drvPath, @inputs ], "", "", 0, 0, $maybeSign ne ""); Nix::CopyClosure::copyTo($hostName, [ @sshOpts ], [ $drvPath, @inputs ], "", "", 0, 0, $maybeSign ne "");
close MAINLOCK; close MAINLOCK;