rc: libdisk: tighten security around some of the system config files found in /etc ; fix potential resource leak if an error occured when creating ovpn passwd/group/shadow files

Author: RMerl

release/src/router/libdisk/write_smb_conf.c

@@ -748,6 +748,7 @@ int main(int argc, char *argv[])
 
 		use_custom_config("smb.conf", SAMBA_CONF);
 		run_postconf("smb", SAMBA_CONF);
+		chmod(SAMBA_CONF, 0644);
 	}
 
 	free_disk_data(&disks_info);

release/src/router/rc/openvpn.c

@@ -1962,26 +1962,30 @@ void create_openvpn_passwd()
 	fp1=fopen("/etc/shadow.openvpn", "w");
 	fp2=fopen("/etc/passwd.openvpn", "w");
 	fp3=fopen("/etc/group.openvpn", "w");
-	if (!fp1 || !fp2 || !fp3) return;
 
-	nv = nvp = strdup(nvram_safe_get("vpn_serverx_clientlist"));
+	if (fp1 && fp2 && fp3) {
+		nv = nvp = strdup(nvram_safe_get("vpn_serverx_clientlist"));
 
-	if(nv) {
-		while ((b = strsep(&nvp, "<")) != NULL) {
-			if((vstrsep(b, ">", &username, &passwd)!=2)) continue;
-			if(strlen(username)==0||strlen(passwd)==0) continue;
+		if(nv) {
+			while ((b = strsep(&nvp, "<")) != NULL) {
+				if((vstrsep(b, ">", &username, &passwd)!=2)) continue;
+				if(strlen(username)==0||strlen(passwd)==0) continue;
 
-			p = crypt(passwd, salt);
-			fprintf(fp1, "%s:%s:0:0:99999:7:0:0:\n", username, p);
-			fprintf(fp2, "%s:x:%d:%d:::\n", username, id, id);
-			fprintf(fp3, "%s:x:%d:\n", username, id);
-			id++;
+				p = crypt(passwd, salt);
+				fprintf(fp1, "%s:%s:0:0:99999:7:0:0:\n", username, p);
+				fprintf(fp2, "%s:x:%d:%d:::\n", username, id, id);
+				fprintf(fp3, "%s:x:%d:\n", username, id);
+				id++;
+			}
+			free(nv);
 		}
-		free(nv);
 	}
-	fclose(fp1);
-	fclose(fp2);
-	fclose(fp3);
+	if (fp1) fclose(fp1);
+	if (fp2) fclose(fp2);
+	if (fp3) fclose(fp3);
+	chmod("/etc/shadow.openvpn", 0600);
+	chmod("/etc/group.openvpn", 0644);
+	chmod("/etc/passwd.openvpn", 0644);
 }
 
 

release/src/router/rc/services.c

@@ -935,6 +935,7 @@ void start_dnsmasq(void)
 		fclose(fp);
 		use_custom_config("hosts", "/etc/hosts");
 		run_postconf("hosts","/etc/hosts");
+		chmod("/etc/hosts", 0644);
 	} else
 		perror("/etc/hosts");
 
@@ -1315,12 +1316,13 @@ void start_dnsmasq(void)
 
 	use_custom_config("dnsmasq.conf","/etc/dnsmasq.conf");
 	run_postconf("dnsmasq","/etc/dnsmasq.conf");
+	chmod("/etc/dnsmasq.conf", 0644);
 
 	/* Create resolv.conf with empty nameserver list */
-	f_write(dmresolv, NULL, 0, FW_APPEND, 0666);
+	f_write(dmresolv, NULL, 0, FW_APPEND, 0644);
 
 	/* Create resolv.dnsmasq with empty server list */
-	f_write(dmservers, NULL, 0, FW_APPEND, 0666);
+	f_write(dmservers, NULL, 0, FW_APPEND, 0644);
 
 #if (defined(RTCONFIG_TR069) && !defined(RTCONFIG_TR181))
 	eval("dnsmasq", "--log-async", "-6", "/sbin/dhcpc_lease");

release/src/router/rc/usb.c

@@ -2157,14 +2157,18 @@ void create_custom_passwd(void)
 		fprintf(fp, "%s:x:%d:%d:::\n", account_list[i], n, n);
 	}
 	fclose(fp);
+	chmod("/etc/passwd.custom", 0644);
 
 	/* write /etc/group.custom  */
 	fp = fopen("/etc/group.custom", "w+");
-	for (i=0, n=500; i<acc_num; i++, n++)
-	{
-		fprintf(fp, "%s:x:%d:\n", account_list[i], n);
+	if (fp) {
+		for (i=0, n=500; i<acc_num; i++, n++)
+		{
+			fprintf(fp, "%s:x:%d:\n", account_list[i], n);
+		}
+		fclose(fp);
+		chmod("/etc/group.custom", 0644);
 	}
-	fclose(fp);
 	free_2_dimension_list(&acc_num, &account_list);
 }