added --allowed-modifiers

unbit · Mar 10, 2011 · 35987d3 · 35987d3
1 parent be73e00
commit 35987d3
Show file tree

Hide file tree

Showing 3 changed files with 41 additions and 2 deletions.
diff --git a/utils.c b/utils.c
@@ -1628,3 +1628,20 @@ char *uwsgi_get_optname_by_index(int index) {
 
         return NULL;
 }
+
+int uwsgi_list_has_num(char *list, int num) {
+
+	char *list2 = uwsgi_concat2(list, "");
+
+	char *p = strtok(list2, ",");
+        while (p != NULL) {
+		if (atoi(p) == num) {
+			free(list2);
+			return 1;
+		}
+                p = strtok(NULL, ",");
+	}
+
+	free(list2);
+	return 0;
+}
diff --git a/uwsgi.c b/uwsgi.c
@@ -160,6 +160,7 @@ static struct option long_base_options[] = {
 	{"worker-exec", required_argument, 0, LONG_ARGS_WORKER_EXEC},
 	{"attach-daemon", required_argument, 0, LONG_ARGS_ATTACH_DAEMON},
 	{"plugins", required_argument, 0, LONG_ARGS_PLUGINS},
+	{"allowed-modifiers", required_argument, 0, LONG_ARGS_ALLOWED_MODIFIERS},
 	{"remap-modifier", required_argument, 0, LONG_ARGS_REMAP_MODIFIER},
 	{"dump-options", no_argument, &uwsgi.dump_options, 1},
 	{"show-config", no_argument, &uwsgi.show_config, 1},
@@ -1790,6 +1791,20 @@ uwsgi.shared->hooks[UWSGI_MODIFIER_PING] = uwsgi_request_ping;	//100
 			uwsgi_log("spawned uWSGI master process (pid: %d)\n", uwsgi.mypid);
 		}
 	}
+
+
+
+	// security in multiuser environment: allow only a subset of modifiers
+	if (uwsgi.allowed_modifiers) {
+		for (i = 0; i < 0xFF; i++) {
+			if (!uwsgi_list_has_num(uwsgi.allowed_modifiers, i)) {
+                        	uwsgi.p[i]->request = unconfigured_hook;
+                        	uwsgi.p[i]->after_request = unconfigured_after_hook;
+                	}
+        	}
+	}
+
+
 #ifdef UWSGI_SPOOLER
 	if (uwsgi.spool_dir != NULL && uwsgi.sockets_cnt > 0) {
 		uwsgi.shared->spooler_pid = spooler_start();
@@ -2052,6 +2067,9 @@ uwsgi.shared->hooks[UWSGI_MODIFIER_PING] = uwsgi_request_ping;	//100
 		case LONG_ARGS_REMAP_MODIFIER:
 			uwsgi.remap_modifier = optarg;
 			return 1;
+		case LONG_ARGS_ALLOWED_MODIFIERS:
+			uwsgi.allowed_modifiers = optarg;
+			return 1;
 		case LONG_ARGS_PLUGINS:
 			p = strtok(optarg, ",");
 			while (p != NULL) {

diff --git a/uwsgi.h b/uwsgi.h
@@ -357,8 +357,8 @@ struct uwsgi_opt {
 #define LONG_ARGS_SUBSCRIBE_TO		17078
 #define LONG_ARGS_CLUSTER_NODES		17079
 #define LONG_ARGS_RELOAD_MERCY		17080
-#define LONG_ARGS_LINUX_NS_NET		17081
-
+#define LONG_ARGS_ALLOWED_MODIFIERS	17081
+#define LONG_ARGS_LINUX_NS_NET		17082
 
 
 #define UWSGI_OK	0
@@ -954,6 +954,8 @@ struct uwsgi_server {
 	struct uwsgi_plugin *p[0xFF];
 	struct uwsgi_plugin *gp[MAX_GENERIC_PLUGINS];
 	int gp_cnt;
+
+	char *allowed_modifiers;
 
 	char *upload_progress;
 
@@ -1612,3 +1614,5 @@ char *uwsgi_get_exported_opt(char *);
 int uwsgi_signal_add_cron(uint8_t, int, int, int, int, int);
 
 char *uwsgi_get_optname_by_index(int);
+
+int uwsgi_list_has_num(char *, int);