Re: git: 6e69612d5df1 - main - pam: Add pam_xdg module

From: Shawn Webb <shawn.webb_at_hardenedbsd.org>
Date: Tue, 27 Feb 2024 01:28:41 UTC
On Mon, Feb 26, 2024 at 05:35:57PM +0000, Emmanuel Vadot wrote:
> The branch main has been updated by manu:
> 
> URL: https://cgit.FreeBSD.org/src/commit/?id=6e69612d5df1c1d5bd86990ea4d9a170c030b292
> 
> commit 6e69612d5df1c1d5bd86990ea4d9a170c030b292
> Author:     Emmanuel Vadot <manu@FreeBSD.org>
> AuthorDate: 2024-02-21 14:51:05 +0000
> Commit:     Emmanuel Vadot <manu@FreeBSD.org>
> CommitDate: 2024-02-26 17:34:52 +0000
> 
>     pam: Add pam_xdg module
>     
>     This is a module to setup the XDG directories and environment variables.
>     For now the only usage is to have a XDG_RUNTIME_DIR environment setup at
>     user login.
>     All other environment variables have a default fallback so no need to export
>     them in this module.
>     The directory is created according to the XDG Base directory specification.
>     
>     The default base directory is /var/run/xdg/<username> but can be configured
>     using the runtime_dir=<dir> module option.
>     
>     According to the spec the directory *must* not survive a reboot so adding
>     var_run_enable="YES" to rc.conf is highly recommended.
>     
>     Reviewed by:    des, pauamma (manpages)
>     Differential Revision:  https://reviews.freebsd.org/D44011
>     Sponsored by:   Beckhoff Automation GmbH & Co. KG
> ---
>  lib/libpam/modules/modules.inc       |   1 +
>  lib/libpam/modules/pam_xdg/Makefile  |   6 +
>  lib/libpam/modules/pam_xdg/pam_xdg.8 |  56 +++++++
>  lib/libpam/modules/pam_xdg/pam_xdg.c | 311 +++++++++++++++++++++++++++++++++++
>  4 files changed, 374 insertions(+)

[snip]

> +
> +static int
> +remove_dir(int fd)
> +{
> +	DIR *dirp;
> +	struct dirent *dp;
> +
> +	dirp = fdopendir(fd);
> +	if (dirp == NULL)
> +		return (-1);
> +
> +	while ((dp = readdir(dirp)) != NULL) {
> +		if (dp->d_type == DT_DIR) {
> +			int dirfd;
> +
> +			if (strcmp(dp->d_name, ".") == 0 ||
> +			    strcmp(dp->d_name, "..") == 0)
> +				continue;
> +			dirfd = openat(fd, dp->d_name, 0);
> +			remove_dir(dirfd);
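Review bot: the return value of `openat()` in `dirfd = openat(fd, dp->d_name, 0);` is never checked and the result of the recursive `remove_dir(dirfd);` is discarded, so a failed open passes -1 into the recursion (where `fdopendir()` fails and the error is lost) and a subdirectory that could not be cleaned is silently skipped. Suggest `if (dirfd < 0 || remove_dir(dirfd) != 0)` with the failure propagated to the caller. Two smaller points in the same region: the early `return (-1)` after `fdopendir(fd) == NULL` leaves `fd` open, and since `d_type` comes from `readdir()` while the entry is opened afterwards, opening with `O_RDONLY | O_DIRECTORY | O_NOFOLLOW` instead of `0` makes `openat()` refuse anything that is no longer a real directory by the time it is opened. The recursion itself also has no depth bound.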

A defensive programming technique commonly implemented in functions
that recurse is to place a limit on how many times we recurse.

HardenedBSD now places an arbitrarily picked limit of 1000 recursions:
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD/-/commit/148478d5743a8dd4362fd31dca4371618716d0a8

The limit can be changed at compile-time by defining
REMOVEDIR_MAX_RECUR to a different integer value.

Thanks,

-- 
Shawn Webb
Cofounder / Security Engineer
HardenedBSD

Tor-ified Signal: +1 303-901-1600
https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc
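As an added illustration of the recursion limit described above: this is example code written for this page, not the FreeBSD pam_xdg source and not HardenedBSD's patch. It threads a depth counter through a remove_dir()-style walker, treats REMOVEDIR_MAX_RECUR as a default limit that a caller may override at run time (the function names remove_dir_limited, remove_tree, make_chain and demo_remove, and that run-time override, are this example's own assumptions), and goes a little beyond the quoted hunk by checking the openat() and recursive return values, handling DT_UNKNOWN, and opening subdirectories with O_DIRECTORY|O_NOFOLLOW. The chain of directories it removes is constructed by the example itself under /tmp.

```c
/* Added example: depth-limited recursive directory removal in the style of
 * the quoted remove_dir().  Not FreeBSD or HardenedBSD code; names and the
 * run-time max_depth parameter are this example's own assumptions. */
#define _DEFAULT_SOURCE 1
#include <sys/stat.h>
#include <dirent.h>
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#ifndef REMOVEDIR_MAX_RECUR
#define REMOVEDIR_MAX_RECUR 1000	/* assumed default recursion limit */
#endif

/* Empty the directory open on fd, then close fd.  depth is the current
 * nesting level; the call fails once depth exceeds max_depth, so a
 * pathological tree cannot exhaust the stack.  Returns 0 on success,
 * -1 on any error (errno set).  fd is consumed in every case. */
static int
remove_dir_limited(int fd, int depth, int max_depth)
{
	DIR *dirp;
	struct dirent *dp;
	struct stat st;
	int ret = 0;

	if (depth > max_depth) {
		close(fd);
		errno = ELOOP;	/* chosen here to mean "too deep" */
		return (-1);
	}
	if ((dirp = fdopendir(fd)) == NULL) {
		close(fd);
		return (-1);
	}
	while ((dp = readdir(dirp)) != NULL) {
		int isdir;

		if (strcmp(dp->d_name, ".") == 0 ||
		    strcmp(dp->d_name, "..") == 0)
			continue;
		/* Some filesystems report DT_UNKNOWN; fall back to lstat. */
		if (dp->d_type != DT_UNKNOWN)
			isdir = (dp->d_type == DT_DIR);
		else if (fstatat(fd, dp->d_name, &st, AT_SYMLINK_NOFOLLOW) == 0)
			isdir = S_ISDIR(st.st_mode);
		else {
			ret = -1;
			continue;
		}
		if (isdir) {
			/* Refuse anything that is no longer a real directory
			 * by the time it is opened; propagate every failure. */
			int dirfd = openat(fd, dp->d_name,
			    O_RDONLY | O_DIRECTORY | O_NOFOLLOW);
			if (dirfd < 0 ||
			    remove_dir_limited(dirfd, depth + 1, max_depth) != 0 ||
			    unlinkat(fd, dp->d_name, AT_REMOVEDIR) != 0)
				ret = -1;
		} else if (unlinkat(fd, dp->d_name, 0) != 0)
			ret = -1;
	}
	closedir(dirp);	/* also closes fd */
	return (ret);
}

/* Remove path and everything beneath it, refusing trees nested deeper than
 * max_depth levels (path itself is level 1).  Returns 0 or -1. */
int
remove_tree(const char *path, int max_depth)
{
	int fd = open(path, O_RDONLY | O_DIRECTORY | O_NOFOLLOW);

	if (fd < 0 || remove_dir_limited(fd, 1, max_depth) != 0)
		return (-1);
	return (rmdir(path));
}

/* Constructed fixture: under root, create 'levels' nested directories named
 * "d", each level also holding a file "f".  Returns 0 on success. */
int
make_chain(const char *root, int levels)
{
	int fd = open(root, O_RDONLY | O_DIRECTORY), i;

	if (fd < 0)
		return (-1);
	for (i = 0; i < levels; i++) {
		int f = openat(fd, "f", O_WRONLY | O_CREAT, 0600), next;
		if (f < 0 || close(f) != 0 || mkdirat(fd, "d", 0700) != 0 ||
		    (next = openat(fd, "d", O_RDONLY | O_DIRECTORY)) < 0) {
			close(fd);
			return (-1);
		}
		close(fd);
		fd = next;
	}
	close(fd);
	return (0);
}

/* Build a fresh 5-level chain (deepest directory is level 6) in a temp dir
 * and try to remove it with the given limit; returns remove_tree()'s result
 * (-2 if the fixture could not be built).  Cleans up after a refusal. */
int
demo_remove(int max_depth)
{
	char root[] = "/tmp/rmtree.XXXXXX";
	int r;

	if (mkdtemp(root) == NULL || make_chain(root, 5) != 0)
		return (-2);
	r = remove_tree(root, max_depth);
	if (r != 0)
		remove_tree(root, REMOVEDIR_MAX_RECUR);
	return (r);
}

int
main(void)
{
	printf("limit 5: %d (refused)\n", demo_remove(5));
	printf("limit 6: %d (removed)\n", demo_remove(6));
	printf("limit %d: %d (removed)\n", REMOVEDIR_MAX_RECUR,
	    demo_remove(REMOVEDIR_MAX_RECUR));
	return (0);
}
```

A refused tree is left in place rather than partially unlinked below the limit: the recursive call fails before opening anything past max_depth, the caller records the failure and skips the rmdir of that level, and remove_tree() reports -1 so the PAM module (or whatever calls it) can log the unexpected shape instead of looping on it.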