From 00737fa6007b03ecfcd4c5d32b3d23a2f1536f83 Mon Sep 17 00:00:00 2001 From: paullegranddc <82819397+paullegranddc@users.noreply.github.com> Date: Mon, 11 May 2026 14:14:23 +0200 Subject: [PATCH] crashtracker: verify unix socket peer uid before parsing reports --- .../src/receiver/entry_points.rs | 30 +++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/libdd-crashtracker/src/receiver/entry_points.rs b/libdd-crashtracker/src/receiver/entry_points.rs index 532c580cb4..cbe3736746 100644 --- a/libdd-crashtracker/src/receiver/entry_points.rs +++ b/libdd-crashtracker/src/receiver/entry_points.rs @@ -7,6 +7,8 @@ use crate::CrashtrackerConfiguration; #[cfg(target_os = "linux")] use crate::StacktraceCollection; use anyhow::Context; +#[cfg(target_os = "linux")] +use std::os::fd::AsRawFd; use std::time::Duration; use tokio::{ io::{AsyncBufReadExt, BufReader}, @@ -30,10 +32,38 @@ pub async fn async_receiver_entry_point_unix_listener( listener: &UnixListener, ) -> anyhow::Result<()> { let (unix_stream, _) = listener.accept().await?; + #[cfg(target_os = "linux")] + ensure_same_user(&unix_stream)?; let stream = BufReader::new(unix_stream); receiver_entry_point(receiver_timeout(), stream).await } +#[cfg(target_os = "linux")] +fn ensure_same_user(unix_stream: &tokio::net::UnixStream) -> anyhow::Result<()> { + let mut ucred = libc::ucred { + pid: 0, + uid: 0, + gid: 0, + }; + let mut ucred_len = std::mem::size_of::() as libc::socklen_t; + let getsockopt_res = unsafe { + libc::getsockopt( + unix_stream.as_raw_fd(), + libc::SOL_SOCKET, + libc::SO_PEERCRED, + &mut ucred as *mut libc::ucred as *mut libc::c_void, + &mut ucred_len, + ) + }; + + anyhow::ensure!(getsockopt_res == 0, "Failed to get unix peer credentials"); + anyhow::ensure!( + ucred.uid == unsafe { libc::geteuid() }, + "Refusing crash report from another user" + ); + Ok(()) +} + pub async fn async_receiver_entry_point_unix_socket( socket_path: impl AsRef, one_shot: bool,