
Preserve RLIMIT_CORE hard limit, and restore soft limit before exec

Closes #196.
1 parent 1b21e00 commit a289a2319e4718f6082087c0f8dc7dfea3a8dc6e @kmcallister kmcallister committed Apr 16, 2012
Showing with 22 additions and 3 deletions.
  1. +19 −3 src/crypto/crypto.cc
  2. +1 −0 src/crypto/crypto.h
  3. +2 −0 src/frontend/mosh-server.cc
@@ -283,16 +283,32 @@ Message Session::decrypt( string ciphertext )
return ret;
}
+static rlim_t saved_core_rlimit;
+
/* Disable dumping core, as a precaution to avoid saving sensitive data
to disk. */
void Crypto::disable_dumping_core( void ) {
struct rlimit limit;
- limit.rlim_cur = 0;
- limit.rlim_max = 0;
- if ( 0 != setrlimit( RLIMIT_CORE, &limit ) ) {
+ if ( 0 != getrlimit( RLIMIT_CORE, &limit ) ) {
/* We don't throw CryptoException because this is called very early
in main(), outside of 'try'. */
+ perror( "getrlimit(RLIMIT_CORE)" );
+ exit( 1 );
+ }
+
+ saved_core_rlimit = limit.rlim_cur;
+ limit.rlim_cur = 0;
+ if ( 0 != setrlimit( RLIMIT_CORE, &limit ) ) {
perror( "setrlimit(RLIMIT_CORE)" );
exit( 1 );
}
}
+
+void Crypto::reenable_dumping_core( void ) {
+ /* Silent failure is safe. */
+ struct rlimit limit;
+ if ( 0 == getrlimit( RLIMIT_CORE, &limit ) ) {
+ limit.rlim_cur = saved_core_rlimit;
+ setrlimit( RLIMIT_CORE, &limit );
+ }
+}
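Review bot: The comment above `disable_dumping_core` no longer describes the guarantee, because with the hard limit preserved only the soft limit is zeroed and any code in the process can raise it again, whereas the removed lines made the setting irreversible for an unprivileged process. I would state that there, e.g. `/* Only the soft limit is zeroed; the hard limit is kept so reenable_dumping_core() can restore the saved value before exec. */`. `reenable_dumping_core` also needs a line on its precondition: `saved_core_rlimit` is a zero-initialised static, so calling it without a prior `disable_dumping_core` sets the soft limit to 0 instead of restoring anything. The "Silent failure is safe" comment should give its reason, which is that a failed `getrlimit` or `setrlimit` leaves core dumps disabled.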
@@ -113,6 +113,7 @@ namespace Crypto {
};
void disable_dumping_core( void );
+ void reenable_dumping_core( void );
}
#endif
@@ -401,6 +401,8 @@ int run_server( const char *desired_ip, const char *desired_port,
print_motd();
}
+ Crypto::reenable_dumping_core();
+
if ( execvp( command_path.c_str(), command_argv ) < 0 ) {
perror( "execvp" );
_exit( 1 );
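Review bot: The added `Crypto::reenable_dumping_core()` call has no comment explaining why it sits directly before `execvp`, and its placement is security-relevant: from this line on the process can dump core again, and it presumably still holds whatever sensitive state was in memory before the exec (not visible in this hunk). A comment such as `/* Restore the user's core limit for the command we exec; nothing else may run between this call and execvp. */` would keep later edits from widening that window. If `execvp` fails, `perror` and `_exit` run with dumps enabled, which is a small exposure but should be mentioned in the same comment. `run_server` starts before this hunk and continues past it.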
