It is complicated to set the password in the C helper binary.
Therefore it is being set by a helper script.
This is still not an optimal solution since the password might be
exposed to the shell environment, but has the advantage that shell
command injection is no longer possible.
Fixes: #12562
Reported-by: Albert Schwarzkopf <ipfire@quitesimple.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
There is no need for this being implemented and it is dangerous to allow
the user to create any shell accounts or users that belong to groups
with higher privileges.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This function invokes a new command similar to safe_system()
but without launching a shell before.
That way, it is possible to execute commands without any risk
of shell command injection from nobody.
Fixes: #12562
Reported-by: Albert Schwarzkopf <ipfire@quitesimple.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
The helper binary is being dropped and etherwake is enabled
for CAP_NET_RAW. This allows execution by unprivileged users
as needed by the web user interface (nobody).
Reported-by: Albert Schwarzkopf <ipfire@quitesimple.org>
Fixes: #12562
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Samba is always linked against CUPS and therefore there is
no way to disable printing anyways.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This variable is no longer being used and was only used to
assign IP addresses to the individual interfaces.
However, the kernel knows best which IP address to select
as broadcast address for each network. Therefore we depend
on the kernel which allows us to support RFC3021.
Fixes: #12486 - no /31 transfer net available on red
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
It could happen that the remote peer re-established the connection
before "ipsec reload" removed it from the daemon.
Now, we write the configuration files first, reload them
and then bring down any connections that are still established.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This is a more general name for a script that will be extended
soon to do more than just add blocking rules.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This command allows to enable the automatic update
of the used IDS ruleset and to specify the update interval.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
This command is used to set the ownership and permissions
back to nobody:nobdoy which is used by the WUI to write the
ruleset.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
When the firewall policy is blocked, no outgoing IPsec connections
can be established. That is slightly counter-intuitive since we
open ports in the incoming direction automatically.
Fixes: #11704
Reported-by: Oliver Fuhrer <oliver.fuhrer@bluewin.ch>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Make syslogctrl.c use TCP as remote logging file if specified so.
Thanks to Michael for reviewing this.
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
