On 10/3/20 1:50 PM, Richard W.M. Jones wrote: > --- > filters/ip/nbdkit-ip-filter.pod | 64 +++++++++++++++++++++++++----- > tests/Makefile.am | 14 ++++++- > filters/ip/ip.c | 69 +++++++++++++++++++++++++++++--- > tests/test-ip-filter-gid.sh | 51 ++++++++++++++++++++++++ > tests/test-ip-filter-pid.sh | 70 +++++++++++++++++++++++++++++++++ > tests/test-ip-filter-uid.sh | 51 ++++++++++++++++++++++++ > 6 files changed, 301 insertions(+), 18 deletions(-) >
> + > + nbdkit -U $tmpdir/sock --filter=ip [...] allow=uid:`id -u` deny=all > + > +Only allow the current user (S<C<id -u>>) to connect over the socket. > +It is better to use this as an additional line of defence — also defense > +create a temporary directory, make sure it is only accessible by the > +user, and place the socket there. > + > + nbdkit -U sock --filter=ip [...] allow=gid:`id -g` deny=all > + > +Allow anyone in the same group as the current user to connect to the > +Unix domain socket. > > +++ b/filters/ip/ip.c > @@ -62,12 +62,13 @@ int ip_debug_rules; > > struct rule { > struct rule *next; > - enum { BAD = 0, ANY, ANYV4, ANYV6, IPV4, IPV6 } type; > + enum { BAD = 0, ANY, ANYV4, ANYV6, IPV4, IPV6, PID, UID, GID } type; > union { > - struct in_addr ipv4; > + struct in_addr ipv4; /* for IPV4, IPV6 */ > struct in6_addr ipv6; > + int id; /* for PID, UID and GID */ Do you want to use id_t here? POSIX requires that type to be a superset of pid_t, uid_t, and gid_t - on Linux, it is still 32-bit, but it might be more robust if we have to compile on systems with 64-bit pid_t. Sadly, there is no handy printf specifier for id_t, so using int does make life easier elsewhere. > } u; > - unsigned prefixlen; > + unsigned prefixlen; /* for IPV4, IPV6 */ > }; > > static struct rule *allow_rules, *allow_rules_last; > @@ -100,6 +101,16 @@ print_rule (const char *name, const struct rule *rule, > const char *suffix) > nbdkit_debug ("%s=ipv6:[%s]/%u%s", name, u.addr6, rule->prefixlen, > suffix); > break; > > + case PID: > + nbdkit_debug ("%s=pid:%d%s", name, rule->u.id, suffix); For example, this becomes more complicated if we use id_t instead of int. ACK -- Eric Blake, Principal Software Engineer Red Hat, Inc. +1-919-301-3226 Virtualization: qemu.org | libvirt.org
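Review bot: In the filters/ip/nbdkit-ip-filter.pod hunk, the second example ("nbdkit -U sock --filter=ip [...] allow=gid:`id -g` deny=all") creates the socket in the current directory, although the paragraph just above it advises placing the socket in a temporary directory that only the user can access. Suggest stating what directory permissions the gid case expects (for instance a directory restricted to that group), so the example does not read as relying on the filter alone.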
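Review bot: In the struct rule hunk of filters/ip/ip.c, the new comment "/* for IPV4, IPV6 */" is attached to the ipv4 member while the ipv6 member has none; one comment per member ("/* for IPV4 */" and "/* for IPV6 */") would match how the union is used. Apart from the width question, uid_t and gid_t are unsigned on Linux, so "int id" cannot represent IDs above INT_MAX, and a "%d" format like the one print_rule uses for PID would show such values as negative. An unsigned or wider field, with a range check where the rule value is parsed, would avoid a rule that silently refers to a different ID than the one the user typed.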
_______________________________________________ Libguestfs mailing list Libguestfs@redhat.com https://www.redhat.com/mailman/listinfo/libguestfs