Mercurial > hg > nginx
comparison src/http/ngx_http_core_module.c @ 4477:7033faf6dc3c
Added disable_symlinks directive.
To completely disable symlinks (disable_symlinks on)
we use openat(O_NOFOLLOW) for each path component
to avoid races.
To allow symlinks with the same owner (disable_symlinks if_not_owner),
use openat() (followed by fstat()) and fstatat(AT_SYMLINK_NOFOLLOW),
and then compare uids between fstat() and fstatat().
As there is a race between openat() and fstatat() we don't
know if openat() in fact opened symlink or not. Therefore,
we have to compare uids even if fstatat() reports the opened
component isn't a symlink (as we don't know whether it was
symlink during openat() or not).
Default value is off, i.e. symlinks are allowed.
| author | Andrey Belov <defan@nginx.com> |
|---|---|
| date | Mon, 13 Feb 2012 16:29:04 +0000 |
| parents | 41f640a693de |
| children | d11f86a16e3b |
comparison
equal
deleted
inserted
replaced
| 4476:94ef9d25ec5b | 4477:7033faf6dc3c |
|---|---|
| 185 static ngx_str_t ngx_http_gzip_private = ngx_string("private"); | 185 static ngx_str_t ngx_http_gzip_private = ngx_string("private"); |
| 186 | 186 |
| 187 #endif | 187 #endif |
| 188 | 188 |
| 189 | 189 |
| 190 #if (NGX_HAVE_OPENAT) | |
| 191 | |
| 192 static ngx_conf_enum_t ngx_http_core_disable_symlinks[] = { | |
| 193 { ngx_string("off"), NGX_DISABLE_SYMLINKS_OFF }, | |
| 194 { ngx_string("if_not_owner"), NGX_DISABLE_SYMLINKS_NOTOWNER }, | |
| 195 { ngx_string("on"), NGX_DISABLE_SYMLINKS_ON }, | |
| 196 { ngx_null_string, 0 } | |
| 197 }; | |
| 198 | |
| 199 #endif | |
| 200 | |
| 201 | |
| 190 static ngx_command_t ngx_http_core_commands[] = { | 202 static ngx_command_t ngx_http_core_commands[] = { |
| 191 | 203 |
| 192 { ngx_string("variables_hash_max_size"), | 204 { ngx_string("variables_hash_max_size"), |
| 193 NGX_HTTP_MAIN_CONF|NGX_CONF_TAKE1, | 205 NGX_HTTP_MAIN_CONF|NGX_CONF_TAKE1, |
| 194 ngx_conf_set_num_slot, | 206 ngx_conf_set_num_slot, |
| 759 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_1MORE, | 771 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_1MORE, |
| 760 ngx_http_gzip_disable, | 772 ngx_http_gzip_disable, |
| 761 NGX_HTTP_LOC_CONF_OFFSET, | 773 NGX_HTTP_LOC_CONF_OFFSET, |
| 762 0, | 774 0, |
| 763 NULL }, | 775 NULL }, |
| 776 | |
| 777 #endif | |
| 778 | |
| 779 #if (NGX_HAVE_OPENAT) | |
| 780 | |
| 781 { ngx_string("disable_symlinks"), | |
| 782 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, | |
| 783 ngx_conf_set_enum_slot, | |
| 784 NGX_HTTP_LOC_CONF_OFFSET, | |
| 785 offsetof(ngx_http_core_loc_conf_t, disable_symlinks), | |
| 786 &ngx_http_core_disable_symlinks }, | |
| 764 | 787 |
| 765 #endif | 788 #endif |
| 766 | 789 |
| 767 ngx_null_command | 790 ngx_null_command |
| 768 }; | 791 }; |
| 1295 of.valid = clcf->open_file_cache_valid; | 1318 of.valid = clcf->open_file_cache_valid; |
| 1296 of.min_uses = clcf->open_file_cache_min_uses; | 1319 of.min_uses = clcf->open_file_cache_min_uses; |
| 1297 of.test_only = 1; | 1320 of.test_only = 1; |
| 1298 of.errors = clcf->open_file_cache_errors; | 1321 of.errors = clcf->open_file_cache_errors; |
| 1299 of.events = clcf->open_file_cache_events; | 1322 of.events = clcf->open_file_cache_events; |
| 1323 #if (NGX_HAVE_OPENAT) | |
| 1324 of.disable_symlinks = clcf->disable_symlinks; | |
| 1325 #endif | |
| 1300 | 1326 |
| 1301 if (ngx_open_cached_file(clcf->open_file_cache, &path, &of, r->pool) | 1327 if (ngx_open_cached_file(clcf->open_file_cache, &path, &of, r->pool) |
| 1302 != NGX_OK) | 1328 != NGX_OK) |
| 1303 { | 1329 { |
| 1304 if (of.err != NGX_ENOENT | 1330 if (of.err != NGX_ENOENT |
| 3342 #if (NGX_HTTP_DEGRADATION) | 3368 #if (NGX_HTTP_DEGRADATION) |
| 3343 clcf->gzip_disable_degradation = 3; | 3369 clcf->gzip_disable_degradation = 3; |
| 3344 #endif | 3370 #endif |
| 3345 #endif | 3371 #endif |
| 3346 | 3372 |
| 3373 #if (NGX_HAVE_OPENAT) | |
| 3374 clcf->disable_symlinks = NGX_CONF_UNSET_UINT; | |
| 3375 #endif | |
| 3376 | |
| 3347 return clcf; | 3377 return clcf; |
| 3348 } | 3378 } |
| 3349 | 3379 |
| 3350 | 3380 |
| 3351 static ngx_str_t ngx_http_core_text_html_type = ngx_string("text/html"); | 3381 static ngx_str_t ngx_http_core_text_html_type = ngx_string("text/html"); |
| 3621 } | 3651 } |
| 3622 | 3652 |
| 3623 #endif | 3653 #endif |
| 3624 #endif | 3654 #endif |
| 3625 | 3655 |
| 3656 #if (NGX_HAVE_OPENAT) | |
| 3657 ngx_conf_merge_uint_value(conf->disable_symlinks, prev->disable_symlinks, | |
| 3658 NGX_DISABLE_SYMLINKS_OFF); | |
| 3659 #endif | |
| 3660 | |
| 3626 return NGX_CONF_OK; | 3661 return NGX_CONF_OK; |
| 3627 } | 3662 } |
| 3628 | 3663 |
| 3629 | 3664 |
| 3630 static char * | 3665 static char * |