Changed: Allow connections from root o sockets.

2025-09-05 18:25:31 +08:00 · 2021-12-08 10:29:13 +01:00
parent 33b88b5d4b
commit 3dee2eb486
3 changed files with 15 additions and 11 deletions
--- a/termux-shared/src/main/cpp/local-filesystem-socket.cpp
+++ b/termux-shared/src/main/cpp/local-filesystem-socket.cpp
@@ -188,6 +188,7 @@ extern "C"
 JNIEXPORT jint JNICALL
 Java_com_termux_shared_shell_LocalFilesystemSocket_getpeeruid(JNIEnv *env, jclass clazz, jint fd) {
    struct ucred cred = {};
+    cred.uid = 1; // initialize uid to 1 here because I'm paranoid and a failed getsockopt that somehow doesn't report as failed would report the uid of root
    socklen_t len = sizeof(cred);
    if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &cred, &len) == -1) {
        return -1;
--- a/termux-shared/src/main/java/com/termux/shared/shell/LocalFilesystemSocket.java
+++ b/termux-shared/src/main/java/com/termux/shared/shell/LocalFilesystemSocket.java
@@ -209,16 +209,20 @@ public class LocalFilesystemSocket
            if (backlog <= 0) {
                throw new IllegalArgumentException("Backlog has to be at least 1");
            }
-            if (path == null) {
-                throw new IllegalArgumentException("path cannot be null");
+            if (path == null || path.length() == 0) {
+                throw new IllegalArgumentException("path cannot be null or empty");
            }
            this.path = path;
-            File f = new File(path);
-            File parent = f.getParentFile();
-            if (parent != null) {
-                parent.mkdirs();
+            if (path.getBytes(StandardCharsets.UTF_8)[0] != 0) {
+                // not a socket in the abstract linux namespace, make sure the path is accessible and clear
+                File f = new File(path);
+                File parent = f.getParentFile();
+                if (parent != null) {
+                    parent.mkdirs();
+                }
+                f.delete();
            }
-            f.delete();
+    
            fd = createserversocket(path.getBytes(StandardCharsets.UTF_8), backlog);
            if (fd == -1) {
                throw new IOException("Could not create UNIX server socket at \""+path+"\"");
@@ -245,9 +249,9 @@ public class LocalFilesystemSocket
                    c = -1;
                    continue;
                }
-                
-                if (peeruid == app.getApplicationInfo().uid) {
-                    // if the peer has the same uid, allow the connection
+    
+                // if the peer has the same uid or is root, allow the connection
+                if (peeruid == app.getApplicationInfo().uid || peeruid == 0) {
                    break;
                } else {
                    Logger.logWarn("LocalFilesystemSocket.ServerSocket", "WARNING: An app with the uid of "+peeruid+" tried to connect to the socket at \""+path+"\", closing connection.");
--- a/termux-shared/src/main/java/com/termux/shared/shell/LocalSocketListener.java
+++ b/termux-shared/src/main/java/com/termux/shared/shell/LocalSocketListener.java
@@ -77,7 +77,6 @@ public class LocalSocketListener
                        while ((c = r.read()) > 0) {
                            b.append((char) c);
                        }
-                        Logger.logDebug(LOG_TAG, b.toString());
                        String outString;
                        String errString;
                        int ret;