On 11/07/13 17:32, Ted Unangst wrote:
> On Thu, Nov 07, 2013 at 17:19, Peter J. Philipp wrote:
> 
>>> +       gid = getgid();
>>> +
>>> +       if (setgroups(1, &gid) == -1)
>>> +               err(1, "setgroups");
>>> +
>>> +       if (setresgid(gid, gid, gid) == -1)
>>> +               err(1, "setresgid");
>>> +
>>>         if (setresuid(uid, uid, uid) == -1)
>>>                 err(1, "setresuid");
>>>
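Review bot: setresgid(gid, gid, gid), with gid taken from getgid() at the top of this hunk, can only change something when the effective or saved gid differs from the real gid. For a binary that is not setgid, the one call here with a visible effect is setgroups(1, &gid), which drops the caller's supplementary groups. Add a comment above the block stating that this is the intent. Keep the three calls ahead of setresuid(uid, uid, uid): if uid is the unprivileged real uid, setgroups will fail once that call has given up root.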
>>
>>
>> I thought about it and thought my patch didn't really do anything.  So
> 
> Right. This doesn't do anything. traceroute isn't setgid, it has no
> group privileges to revoke.
> 
> 
>> /* DiffServ Codepoints and other TOS mappings */
>> +       /* KEEP SORTED */
>> const struct toskeywords {
>> const char      *keyword;
>> int              val;
>> @@ -1258,14 +1268,13 @@ map_tos(char *s, int *val)
>> { NULL,                 -1 },
>> };
>>
>> -       for (t = toskeywords; t->keyword != NULL; t++) {
>> -               if (strcmp(s, t->keyword) == 0) {
>> -                       *val = t->val;
>> -                       return (1);
>> -               }
>> -       }
>> +       t = bsearch(s, toskeywords, nitems(toskeywords), sizeof(struct
>> toskeywords), (int (*)(const void *, const void *))strcmp);
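Review bot: the comparator passed to bsearch is strcmp behind a cast, but bsearch calls it with the key and a pointer to a struct toskeywords element. The first bytes of that element are the keyword pointer itself, not the keyword text, so strcmp is not comparing s against the string. Write a small comparator that casts its second argument to const struct toskeywords * and returns strcmp(key, t->keyword). Also pass nitems(toskeywords) - 1 so the { NULL, -1 } terminator is never handed to the comparator, and make the KEEP SORTED comment say the order is strcmp order on keyword.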
> 
> I don't like the way this is abusing types. In fact, I don't think this
> even works. Did you test it? A pointer to a struct toskeyword will not
> have the same value as the keyword member.
> 
> 

OK I'll stop abusing.  Here is my reasoning for the setgid change.
Pretend there is a way to break into the binary by means of the socket,
then I thought it'd be neat if it was disallowed to write into groups
that a user was in at the moment this binary was executed.  I think this
is paranoid enough.

And yes I tested it.  I used reliability keyword and throughput keyword
and a notused keyword, they matched in tcpdump with the #defined values
and bailed on the third keyword.

# traceroute -t throughput venus
traceroute to venus.centroid.eu (192.168.60.1), 64 hops max, 40 byte packets
 1  uranus (192.168.34.1)  0.211 ms  0.188 ms  0.248 ms
# 17:10:48.701844 192.168.34.4.52757 > 192.168.60.1.33435: [no cksum]
udp 12 [tos 0x8] [ttl 1] (id 52758, len 40)



To be honest I'm not at as high a level as you so I don't understand what
the last sentence means.  I had the bsearch manpage to guide me and it
was surprising to me this even worked so well.

I'm gonna leave this the way it is now.

-peter
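
The bsearch type question discussed in this thread, as an added example that is not part of the original messages or of the traceroute source: a comparator that reaches the string through the keyword member instead of casting strcmp. The three-entry table, its values, tos_cmp, NITEMS and elem_addr_is_keyword are constructed for the illustration.

```c
#include <stdlib.h>
#include <string.h>

/* Constructed sample table; must stay sorted by keyword in strcmp() order.
 * No { NULL, -1 } terminator: the count is passed to bsearch(), and a NULL
 * keyword must never reach strcmp(). */
struct toskeywords {
	const char	*keyword;
	int		 val;
};

static const struct toskeywords toskeywords[] = {
	{ "lowdelay",		0x10 },
	{ "reliability",	0x04 },
	{ "throughput",		0x08 },
};

#define NITEMS(a)	(sizeof(a) / sizeof((a)[0]))

/* bsearch() passes the key first and a pointer to an array element second.
 * The element is a struct holding a pointer, so the text to compare is
 * t->keyword, not the bytes at the element's own address. */
static int
tos_cmp(const void *key, const void *elem)
{
	const struct toskeywords *t = elem;

	return (strcmp(key, t->keyword));
}

/* Returns 1 and stores the value in *val on a match, 0 otherwise. */
int
map_tos(const char *s, int *val)
{
	const struct toskeywords *t;

	t = bsearch(s, toskeywords, NITEMS(toskeywords),
	    sizeof(toskeywords[0]), tos_cmp);
	if (t == NULL)
		return (0);
	*val = t->val;
	return (1);
}

/* The address of an element is not the address of its keyword string. */
int
elem_addr_is_keyword(size_t i)
{
	return ((const void *)&toskeywords[i] == (const void *)toskeywords[i].keyword);
}
```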
