author | sternenseemann <0rpkxez4ksa01gb3typccl0i@systemli.org> | 2020-08-24 19:22:26 +0200 |
---|---|---|
committer | sternenseemann <0rpkxez4ksa01gb3typccl0i@systemli.org> | 2020-08-24 19:22:26 +0200 |
commit | 4b86f27d7d5f4d5802bc46efde01371137cd489a (patch) | |
tree | 350744b07de3014d35210f204a1da4f82bb4e65d | |
parent | 342c550fa7243398fa6b580d7f8393f5029e42c0 (diff) |
feat(entry): allow disabling the strict access check
-rw-r--r-- | config.example.h | 14 | ||||
-rw-r--r-- | entry.c | 15 |
2 files changed, 24 insertions, 5 deletions
diff --git a/config.example.h b/config.example.h
index 2cd3ac3..dad9dad 100644
--- a/config.example.h
+++ b/config.example.h
@@ -27,6 +27,20 @@
 */
 #define BLOG_SERVER_URL "http://localhost"
+/*!
+ * @brief Enable / Disable strict access check
+ *
+ * If enabled, sternenblog will only serve files which are either owned
+ * by the user or group it is running as. This usually means that in order
+ * to be served files must be `chown`ed to the group or user the webserver
+ * is running as. Consequently it is harder to accidentally make files public.
+ *
+ * If disabled, sternenblog will serve any file in `BLOG_DIR` it can read.
+ *
+ * @see BLOG_DIR
+ */
+#define BLOG_STRICT_ACCESS 1
+
 //! @}
 /*!
diff --git a/entry.c b/entry.c
index bf2a808..5714978 100644
--- a/entry.c
+++ b/entry.c
@@ -1,6 +1,7 @@
 #define _POSIX_C_SOURCE 200809L
 #include <errno.h>
 #include <fcntl.h>
+#include <stdbool.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -10,6 +11,7 @@
 #include <unistd.h>
 #include "core.h"
+#include "config.h" // TODO: make independent?
 #include "cgiutil.h"
 #include "entry.h"
@@ -100,11 +102,14 @@ int make_entry(const char *blog_dir, char *script_name, char *path_info, struct
 int regular_file = (file_info.st_mode & S_IFMT) == S_IFREG;
- // refuse to process files that are not
- // owned by the webserver's group or user
- gid_t gid = getegid();
- uid_t uid = geteuid();
- int access = file_info.st_gid == gid || file_info.st_uid == uid;
+ // strict access check requires files to be owned by the webserver's
+ // group or user in order to be processed. can be disabled in config.h
+ bool access = !BLOG_STRICT_ACCESS;
+ if(BLOG_STRICT_ACCESS) {
+ gid_t gid = getegid();
+ uid_t uid = geteuid();
+ access = file_info.st_gid == gid || file_info.st_uid == uid;
+ }
 if(!access) {
 return http_errno(EACCES); |
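Review bot: The new `BLOG_STRICT_ACCESS` comment block in config.example.h does not say how to switch the check off. entry.c uses the macro as an expression (`!BLOG_STRICT_ACCESS`, `if(BLOG_STRICT_ACCESS)`), so deleting or commenting out the define breaks the build instead of disabling the check. I would add a line such as ` * Set to 0 to disable; the macro must remain defined.` to the comment. It would also help to state that ownership is compared against the effective uid/gid of the process, since that is what `geteuid()`/`getegid()` in entry.c return.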
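Review bot: In the make_entry hunk of entry.c, setting `BLOG_STRICT_ACCESS` to 0 means the `if(!access)` branch can never fire, so the ownership gate disappears and only the regular-file test and the path handling outside this hunk remain. The comment above `bool access = !BLOG_STRICT_ACCESS;` should say so, e.g. `// when disabled, any regular file under blog_dir that the process can read is served; path confinement is then the only barrier`. Whether a symlink inside the blog directory is followed depends on the stat call that fills `file_info`, which is not visible here, so that should be confirmed before the relaxed mode is relied on. As a style point, the local `access` shadows POSIX `access()` from `<unistd.h>`; a name like `owner_ok` avoids a `-Wshadow` warning. make_entry begins and ends outside the hunk.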