More output on failures, Delete tmpfile after exit, chown tmpfile to printing user

1 files changed, 17 insertions, 5 deletions

diff --git a/src/pwgui/main.cpp b/src/pwgui/main.cpp
index 77ec7f0..88e0486 100644
--- a/src/pwgui/main.cpp
+++ b/src/pwgui/main.cpp
@@ -80,7 +80,7 @@ int main(int argc, char *argv[])
     // Mimic cups behaviour wrt dropping privs (Only 0700 or 0500 == root)
     helper_loadlpuser();
     struct stat st;
-    if (stat(backend, &st) != 0 || (st.st_mode & 0077) != 0) helper_dropprivs();
+    if (stat(backend, &st) != 0 || (st.st_mode & 0011) != 0) helper_dropprivs();
     execv(backend, argv);
     exit(127);
   }
@@ -119,6 +119,7 @@ int main(int argc, char *argv[])
     close(fh);
     //
   }
+  chown(tmpfile, ruid, rgid);
 
   // Try right away with what we got
   spoolres = run_backend(backend, device, argv[1], argv[2], argv[3], argv[4], argv[5], tmpfile, NULL);
@@ -155,6 +156,7 @@ int main(int argc, char *argv[])
     waitpid(pid, NULL, 0); // Don't check status, just look at pipe data
     if (bytes <= 0) {
       fputs("ERROR: Could not read anything from pipe after showing GUI.\n", stderr);
+      remove(tmpfile);
       return CUPS_BACKEND_CANCEL;
     }
     creds[bytes] = '\0';
@@ -163,6 +165,7 @@ int main(int argc, char *argv[])
     // Run backend with pimped user/pass
     status = run_backend(backend, device, argv[1], creds, argv[3], argv[4], argv[5], tmpfile, pass);
   } while (status != CUPS_BACKEND_OK);
+  remove(tmpfile);
   return CUPS_BACKEND_OK;
 }
 
@@ -184,7 +187,7 @@ static int run_backend(char *backend, char *uri, char *jobid, char *user, char *
     args[7] = NULL;
     // Priv dropping
     struct stat st;
-    if (stat(backend, &st) != 0 || (st.st_mode & 0077) != 0) helper_dropprivs();
+    if (stat(backend, &st) != 0 || (st.st_mode & 0011) != 0) helper_dropprivs();
     // Exec
     execv(backend, args);
     exit(127);
@@ -206,14 +209,23 @@ static bool helper_getpiduid(char *user, char *title)
   // it has to be gui-<PID>, PID has to be an instance of printergui
   // and we have to be able to kill it, only then we assume we should bother the user
   // with an authentication dialog
-  if (strncmp(title, "gui-", 4) != 0) return false; // Wrong job title
+  if (strncmp(title, "gui-", 4) != 0) {
+    fprintf(stderr, "WARNING: Job Title doesnt start with 'gui-' (Is: %s)\n", title);
+    return false; // Wrong job title
+  }
   struct stat st;
   struct passwd *pw = getpwnam(user);
-  if (pw == NULL) return false;
+  if (pw == NULL) {
+    fprintf(stderr, "WARNING: Cannot getpwnam %s\n", user);
+    return false;
+  }
   int p = atoi(title + 4);
   char bin[PATH_MAX+1], tmp[100];
   snprintf(tmp, 100, "/proc/%d/exe", p);
-  if (realpath(tmp, bin) == NULL) return false;
+  if (realpath(tmp, bin) == NULL) {
+    fprintf(stderr, "WARNING: Cannot get realpath of %s\n", tmp);
+    return false;
+  }
   char *last = strrchr(bin, '/');
   if (last == NULL || strcmp(last, "/printergui") != 0) return false; // Wrong process
   // PID passed via job title seems to be the printergui