Merge pull request #300 from facebook/results_log_perms

Fix #290, add permissions to osqueryd logging
2024-11-08 02:18:53 +00:00 · 2014-10-30 16:44:18 -07:00 · 2014-10-30 16:44:18 -07:00 · fb81f9bedd
commit fb81f9bedd
parent 8cab68d2a3 1554bf3295
4 changed files with 64 additions and 21 deletions
--- a/include/osquery/filesystem.h
+++ b/include/osquery/filesystem.h
@ -24,6 +24,20 @@ namespace osquery {
 */
 Status readFile(const std::string& path, std::string& content);

+/**
+ * @brief Write text to disk.
+ *
+ * @param path the path of the file that you would like to write
+ * @param content the text that should be written exactly to disk
+ * @param permissions the filesystem permissions to request when opening
+ * @param force_permissions always chmod the path after opening
+ *
+ * @return an instance of Status, indicating the success or failure
+ * of the operation.
+ */
+Status writeTextFile(const std::string& path, const std::string& content,
+                     int permissions = 0660, bool force_permissions = false);
+
 Status isWritable(const std::string& path);
 Status isReadable(const std::string& path);

--- a/osquery/database/db_handle.cpp
+++ b/osquery/database/db_handle.cpp
@ -59,7 +59,7 @@ DBHandle::DBHandle(const std::string& path, bool in_memory) {
        cf_name, rocksdb::ColumnFamilyOptions()));
  }

-  if (pathExists(path).what() == "1" && !isWritable(path).ok()) {
+  if (pathExists(path).ok() && !isWritable(path).ok()) {
    throw std::domain_error("Cannot write to RocksDB path: " + path);
  }

--- a/osquery/filesystem/filesystem.cpp
+++ b/osquery/filesystem/filesystem.cpp
@ -1,11 +1,14 @@
 // Copyright 2004-present Facebook. All Rights Reserved.

+#include <exception>
 #include <fstream>
 #include <sstream>

+#include <fcntl.h>
+#include <sys/stat.h>
+
 #include <boost/filesystem/operations.hpp>
 #include <boost/filesystem/path.hpp>
-
 #include <boost/property_tree/ptree.hpp>
 #include <boost/property_tree/xml_parser.hpp>

@ -20,9 +23,36 @@ namespace pt = boost::property_tree;

 namespace osquery {

+Status writeTextFile(const std::string& path, const std::string& content,
+                     int permissions, bool force_permissions) {
+  // Open the file with the request permissions.
+  int output_fd = open(path.c_str(), O_CREAT | O_APPEND | O_WRONLY,
+                       permissions);
+  if (output_fd <= 0) {
+    return Status(1, "Could not create file");
+  }
+
+  // If the file existed with different permissions before our open
+  // they must be restricted.
+  if (chmod(path.c_str(), permissions) != 0) {
+    // Could not change the file to the requested permissions.
+    return Status(1, "Failed to change permissions");
+  }
+
+  auto bytes = write(output_fd, content.c_str(), content.size());
+  if (bytes != content.size()) {
+    close(output_fd);
+    return Status(1, "Failed to write contents");
+  }
+
+  close(output_fd);
+  return Status(0, "OK");
+}
+
 Status readFile(const std::string& path, std::string& content) {
-  if (!boost::filesystem::exists(path)) {
-    return Status(1, "File not found");
+  auto path_exists = pathExists(path);
+  if (!path_exists.ok()) {
+    return path_exists;
  }

  int statusCode = 0;
@ -58,8 +88,9 @@ cleanup:
 }

 Status isWritable(const std::string& path) {
-  if (!pathExists(path).ok()) {
-    return Status(1, "Path does not exist.");
+  auto path_exists = pathExists(path);
+  if (!path_exists.ok()) {
+    return path_exists;
  }

  if (access(path.c_str(), W_OK) == 0) {
@ -69,8 +100,9 @@ Status isWritable(const std::string& path) {
 }

 Status isReadable(const std::string& path) {
-  if (!pathExists(path).ok()) {
-    return Status(1, "Path does not exist.");
+  auto path_exists = pathExists(path);
+  if (!path_exists.ok()) {
+    return path_exists;
  }

  if (access(path.c_str(), R_OK) == 0) {
@ -81,12 +113,12 @@ Status isReadable(const std::string& path) {

 Status pathExists(const std::string& path) {
  if (path.length() == 0) {
-    return Status(0, "-1");
+    return Status(1, "-1");
  }

  // A tri-state determination of presence
  if (!boost::filesystem::exists(path)) {
-    return Status(0, "0");
+    return Status(1, "0");
  }
  return Status(0, "1");
 }
--- a/osquery/logger/plugins/filesystem.cpp
+++ b/osquery/logger/plugins/filesystem.cpp
@ -1,17 +1,14 @@
 // Copyright 2004-present Facebook. All Rights Reserved.

-#include "osquery/logger/plugin.h"
-
-#include <algorithm>
 #include <exception>
-#include <ios>
-#include <fstream>
 #include <mutex>
-#include <thread>

 #include <gflags/gflags.h>
 #include <glog/logging.h>

+#include "osquery/filesystem.h"
+#include "osquery/logger/plugin.h"
+
 using osquery::Status;

 namespace osquery {
@ -29,12 +26,12 @@ class FilesystemLoggerPlugin : public LoggerPlugin {
    std::lock_guard<std::mutex> lock(filesystemLoggerPluginMutex);
    try {
      VLOG(3) << "filesystem logger plugin: logging to " << log_path;
-      std::ofstream log_stream(log_path,
-                               std::ios_base::app | std::ios_base::out);
-      if (log_stream.fail()) {
-        return Status(1, "error opening file: " + log_path);
+
+      // The results log may contain sensitive information if run as root.
+      auto status = writeTextFile(log_path, s, 0640, true);
+      if (!status.ok()) {
+        return status;
      }
-      log_stream << s;
    } catch (const std::exception& e) {
      return Status(1, e.what());
    }