diff options
author | Shawn Landden <slandden@gmail.com> | 2017-11-21 20:34:53 -0800 |
---|---|---|
committer | Shawn Landden <slandden@gmail.com> | 2018-02-26 15:19:55 -0800 |
commit | 1236f06b0ee8da3163f86b8f9d30323b6393c96a (patch) | |
tree | 6c47e665a978513768517dd2a580358cca463ed4 | |
parent | dfb45b528746bf89c030fccac307ebcf7c988511 (diff) | |
download | distcc-git-1236f06b0ee8da3163f86b8f9d30323b6393c96a.tar.gz |
allow disabling compiler whitelist
-rw-r--r-- | man/distccd.1 | 9 | ||||
-rw-r--r-- | src/dopt.c | 7 | ||||
-rw-r--r-- | src/dopt.h | 1 | ||||
-rw-r--r-- | src/serve.c | 2 | ||||
-rwxr-xr-x | test/testdistcc.py | 2 |
5 files changed, 19 insertions, 2 deletions
diff --git a/man/distccd.1 b/man/distccd.1 index 41596d8..8c7559f 100644 --- a/man/distccd.1 +++ b/man/distccd.1 @@ -209,6 +209,15 @@ assumes daemon mode at startup if stdin is a tty, so starting distccd from a script or in a non-interactive ssh connection. .TP +.B --make-me-a-botnet +By default (since Distcc 3.3) distcc will only execute binaries +that are masqueraded to distcc in /usr/lib/distcc. This turns +that off, and opens distcc up to executing arbitrary code. This +feature is mainly for distcc's test suite and is called +.B --make-me-a-botnet +for a reason. See MASQUERADING of +.BR distcc (1). +.TP .B --zeroconf Register the availability of this distccd server using Avahi Zeroconf DNS Service Discovery (DNS-SD). This allows distcc clients on the local @@ -93,6 +93,12 @@ int opt_log_stderr = 0; int opt_log_level_num = RS_LOG_NOTICE; /** + * If true, do not check if a link to distcc exists in /usr/lib/distcc + * for every program executed remotely. + **/ +int opt_make_me_a_botnet = 0; + +/** * Daemon exits after this many seconds. Intended mainly for testing, to make * sure daemons don't persist for too long. */ @@ -152,6 +158,7 @@ const struct poptOption options[] = { #ifdef HAVE_AVAHI { "zeroconf", 0, POPT_ARG_NONE, &opt_zeroconf, 0, 0, 0 }, #endif + { "make-me-a-botnet", 0, POPT_ARG_NONE, &opt_make_me_a_botnet, 0, 0, 0 }, { 0, 0, 0, 0, 0, 0, 0 } }; @@ -36,6 +36,7 @@ extern int opt_no_fork; extern int opt_no_prefork; extern int opt_no_detach; extern int opt_daemon_mode, opt_inetd_mode; +extern int opt_make_me_a_botnet; extern int opt_job_lifetime; extern const char *arg_log_file; extern int opt_no_fifo; diff --git a/src/serve.c b/src/serve.c index c9df132..159449b 100644 --- a/src/serve.c +++ b/src/serve.c @@ -720,7 +720,7 @@ static int dcc_run_job(int in_fd, if ((ret = dcc_check_compiler_masq(argv[0]))) goto out_cleanup; - if (dcc_check_compiler_whitelist(argv[0])) + if (!opt_make_me_a_botnet && dcc_check_compiler_whitelist(argv[0])) goto out_cleanup; if ((compile_ret = dcc_spawn_child(argv, &cc_pid, diff --git a/test/testdistcc.py b/test/testdistcc.py index ef0e351..7d9f350 100755 --- a/test/testdistcc.py +++ b/test/testdistcc.py @@ -345,7 +345,7 @@ as soon as that happens we can go ahead and start the client.""" """Return command to start the daemon""" return (self.distccd() + "--verbose --lifetime=%d --daemon --log-file %s " - "--pid-file %s --port %d --allow 127.0.0.1" + "--pid-file %s --port %d --allow 127.0.0.1 --make-me-a-botnet" % (self.daemon_lifetime(), _ShellSafe(self.daemon_logfile), _ShellSafe(self.daemon_pidfile), |