1296619Sdes/* 2296619Sdes * Copyright (c) 2015 Joyent, Inc 3296619Sdes * Author: Alex Wilson <alex.wilson@joyent.com> 4296619Sdes * 5296619Sdes * Permission to use, copy, modify, and distribute this software for any 6296619Sdes * purpose with or without fee is hereby granted, provided that the above 7296619Sdes * copyright notice and this permission notice appear in all copies. 8296619Sdes * 9296619Sdes * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10296619Sdes * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11296619Sdes * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12296619Sdes * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13296619Sdes * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14296619Sdes * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15296619Sdes * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16296619Sdes */ 17296619Sdes 18296619Sdes#include "includes.h" 19296619Sdes 20296619Sdes#include <sys/types.h> 21296619Sdes 22296619Sdes#include <stdarg.h> 23296619Sdes#include <unistd.h> 24296619Sdes 25296619Sdes#include "platform.h" 26296619Sdes 27296619Sdes#include "openbsd-compat/openbsd-compat.h" 28296619Sdes 29296619Sdes/* 30296619Sdes * Drop any fine-grained privileges that are not needed for post-startup 31296619Sdes * operation of ssh-agent 32296619Sdes * 33296619Sdes * Should be as close as possible to pledge("stdio cpath unix id proc exec", ...) 34296619Sdes */ 35296619Sdesvoid 36296619Sdesplatform_pledge_agent(void) 37296619Sdes{ 38296619Sdes#ifdef USE_SOLARIS_PRIVS 39296619Sdes /* 40296619Sdes * Note: Solaris priv dropping is closer to tame() than pledge(), but 41296619Sdes * we will use what we have. 42296619Sdes */ 43296619Sdes solaris_drop_privs_root_pinfo_net(); 44296619Sdes#endif 45296619Sdes} 46296619Sdes 47296619Sdes/* 48296619Sdes * Drop any fine-grained privileges that are not needed for post-startup 49296619Sdes * operation of sftp-server 50296619Sdes */ 51296619Sdesvoid 52296619Sdesplatform_pledge_sftp_server(void) 53296619Sdes{ 54296619Sdes#ifdef USE_SOLARIS_PRIVS 55296619Sdes solaris_drop_privs_pinfo_net_fork_exec(); 56296619Sdes#endif 57296619Sdes} 58296619Sdes 59296619Sdes/* 60296619Sdes * Drop any fine-grained privileges that are not needed for the post-startup 61296619Sdes * operation of the SSH client mux 62296619Sdes * 63296619Sdes * Should be as close as possible to pledge("stdio proc tty", ...) 64296619Sdes */ 65296619Sdesvoid 66296619Sdesplatform_pledge_mux(void) 67296619Sdes{ 68296619Sdes#ifdef USE_SOLARIS_PRIVS 69296619Sdes solaris_drop_privs_root_pinfo_net_exec(); 70296619Sdes#endif 71296619Sdes} 72