1
0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-25 01:02:24 +00:00

Extend ACL-restriction to all Windows tools.

Protecting our processes from outside interference need not be limited
to just PuTTY: there's no reason why the other SSH-speaking tools
shouldn't have the same treatment (PSFTP, PSCP, Plink), and PuTTYgen
and Pageant which handle private key material.
This commit is contained in:
Simon Tatham 2016-04-02 08:00:07 +01:00
parent b4202c917a
commit b0b5d5fbe6
9 changed files with 85 additions and 1 deletions

2
Recipe
View File

@ -296,7 +296,7 @@ puttygen : [G] winpgen sshrsag sshdssg sshprime sshdes sshbn sshmd5 version
+ sshrand winnoise sshsha winstore misc winctrls sshrsa sshdss winmisc + sshrand winnoise sshsha winstore misc winctrls sshrsa sshdss winmisc
+ sshpubk sshaes sshsh256 sshsh512 IMPORT winutils puttygen.res + sshpubk sshaes sshsh256 sshsh512 IMPORT winutils puttygen.res
+ tree234 notiming winhelp winnojmp conf LIBS wintime sshecc + tree234 notiming winhelp winnojmp conf LIBS wintime sshecc
+ sshecdsag + sshecdsag winsecur
pterm : [X] GTKTERM uxmisc misc ldisc settings uxpty uxsel BE_NONE uxstore pterm : [X] GTKTERM uxmisc misc ldisc settings uxpty uxsel BE_NONE uxstore
+ uxsignal CHARSET cmdline uxpterm version time xpmpterm xpmptcfg + uxsignal CHARSET cmdline uxpterm version time xpmpterm xpmptcfg

2
pscp.c
View File

@ -2349,6 +2349,8 @@ int psftp_main(int argc, char *argv[])
argv += i; argv += i;
back = NULL; back = NULL;
platform_psftp_post_option_setup();
if (list) { if (list) {
if (argc != 1) if (argc != 1)
usage(); usage();

View File

@ -2941,6 +2941,8 @@ int psftp_main(int argc, char *argv[])
argv += i; argv += i;
back = NULL; back = NULL;
platform_psftp_post_option_setup();
/* /*
* If the loaded session provides a hostname, and a hostname has not * If the loaded session provides a hostname, and a hostname has not
* otherwise been specified, pop it in `userhost' so that * otherwise been specified, pop it in `userhost' so that

View File

@ -47,6 +47,13 @@ int ssh_sftp_loop_iteration(void);
*/ */
char *ssh_sftp_get_cmdline(const char *prompt, int backend_required); char *ssh_sftp_get_cmdline(const char *prompt, int backend_required);
/*
* Platform-specific function called after the command line has been
* processed, so that any per-platform initialisation such as process
* ACL setup can be done.
*/
void platform_psftp_post_option_setup(void);
/* /*
* The main program in psftp.c. Called from main() in the platform- * The main program in psftp.c. Called from main() in the platform-
* specific code, after doing any platform-specific initialisation. * specific code, after doing any platform-specific initialisation.

View File

@ -618,6 +618,8 @@ char *ssh_sftp_get_cmdline(const char *prompt, int no_fds_ok)
void frontend_net_error_pending(void) {} void frontend_net_error_pending(void) {}
void platform_psftp_post_option_setup(void) {}
/* /*
* Main program: do platform-specific initialisation and then call * Main program: do platform-specific initialisation and then call
* psftp_main(). * psftp_main().

View File

@ -12,6 +12,7 @@
#include "putty.h" #include "putty.h"
#include "ssh.h" #include "ssh.h"
#include "licence.h" #include "licence.h"
#include "winsecur.h"
#include <commctrl.h> #include <commctrl.h>
@ -1530,6 +1531,23 @@ int WINAPI WinMain(HINSTANCE inst, HINSTANCE prev, LPSTR cmdline, int show)
} }
} }
#ifndef UNPROTECT
/*
* Protect our process.
*/
{
char *error = NULL;
if (!setprocessacl(error)) {
char *message = dupprintf("Could not restrict process ACL: %s",
error);
MessageBox(NULL, message, "PuTTYgen Warning",
MB_ICONWARNING | MB_OK);
sfree(message);
sfree(error);
}
}
#endif
random_ref(); random_ref();
ret = DialogBox(hinst, MAKEINTRESOURCE(201), NULL, MainDlgProc) != IDOK; ret = DialogBox(hinst, MAKEINTRESOURCE(201), NULL, MainDlgProc) != IDOK;

View File

@ -1174,6 +1174,23 @@ int WINAPI WinMain(HINSTANCE inst, HINSTANCE prev, LPSTR cmdline, int show)
} }
} }
#ifndef UNPROTECT
/*
* Protect our process.
*/
{
char *error = NULL;
if (!setprocessacl(error)) {
char *message = dupprintf("Could not restrict process ACL: %s",
error);
MessageBox(NULL, message, "Pageant Warning",
MB_ICONWARNING | MB_OK);
sfree(message);
sfree(error);
}
}
#endif
/* /*
* Forget any passphrase that we retained while going over * Forget any passphrase that we retained while going over
* command line keyfiles. * command line keyfiles.

View File

@ -11,6 +11,7 @@
#include "putty.h" #include "putty.h"
#include "storage.h" #include "storage.h"
#include "tree234.h" #include "tree234.h"
#include "winsecur.h"
#define WM_AGENT_CALLBACK (WM_APP + 4) #define WM_AGENT_CALLBACK (WM_APP + 4)
@ -497,6 +498,22 @@ int main(int argc, char **argv)
} }
} }
#ifndef UNPROTECT
/*
* Protect our process.
*/
{
char *error = NULL;
if (!setprocessacl(error)) {
char *message = dupprintf("Could not restrict process ACL: %s",
error);
logevent(NULL, message);
sfree(message);
sfree(error);
}
}
#endif
if (errors) if (errors)
return 1; return 1;

View File

@ -733,6 +733,25 @@ char *ssh_sftp_get_cmdline(const char *prompt, int no_fds_ok)
return ctx->line; return ctx->line;
} }
void platform_psftp_post_option_setup(void)
{
#ifndef UNPROTECT
/*
* Protect our process.
*/
{
char *error = NULL;
if (!setprocessacl(error)) {
char *message = dupprintf("Could not restrict process ACL: %s",
error);
logevent(NULL, message);
sfree(message);
sfree(error);
}
}
#endif
}
/* ---------------------------------------------------------------------- /* ----------------------------------------------------------------------
* Main program. Parse arguments etc. * Main program. Parse arguments etc.
*/ */