mac_bsdextended.c (182905) mac_bsdextended.c (183113)
1/*-
2 * Copyright (c) 1999-2002, 2007 Robert N. M. Watson
3 * Copyright (c) 2001-2005 Networks Associates Technology, Inc.
4 * Copyright (c) 2005 Tom Rhodes
5 * Copyright (c) 2006 SPARTA, Inc.
6 * All rights reserved.
7 *
8 * This software was developed by Robert Watson for the TrustedBSD Project.

--- 23 unchanged lines hidden (view full) ---

32 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
33 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
34 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
35 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
36 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
37 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
38 * SUCH DAMAGE.
39 *
1/*-
2 * Copyright (c) 1999-2002, 2007 Robert N. M. Watson
3 * Copyright (c) 2001-2005 Networks Associates Technology, Inc.
4 * Copyright (c) 2005 Tom Rhodes
5 * Copyright (c) 2006 SPARTA, Inc.
6 * All rights reserved.
7 *
8 * This software was developed by Robert Watson for the TrustedBSD Project.

--- 23 unchanged lines hidden (view full) ---

32 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
33 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
34 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
35 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
36 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
37 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
38 * SUCH DAMAGE.
39 *
40 * $FreeBSD: head/sys/security/mac_bsdextended/mac_bsdextended.c 182905 2008-09-10 13:16:41Z trasz $
40 * $FreeBSD: head/sys/security/mac_bsdextended/mac_bsdextended.c 183113 2008-09-17 15:49:44Z attilio $
41 */
42
43/*
44 * Developed by the TrustedBSD Project.
45 *
46 * "BSD Extended" MAC policy, allowing the administrator to impose mandatory
47 * firewall-like rules regarding users and file system objects.
48 */

--- 167 unchanged lines hidden (view full) ---

216
217 mtx_destroy(&ugidfw_mtx);
218}
219
220static int
221ugidfw_rulecheck(struct mac_bsdextended_rule *rule,
222 struct ucred *cred, struct vnode *vp, struct vattr *vap, int acc_mode)
223{
41 */
42
43/*
44 * Developed by the TrustedBSD Project.
45 *
46 * "BSD Extended" MAC policy, allowing the administrator to impose mandatory
47 * firewall-like rules regarding users and file system objects.
48 */

--- 167 unchanged lines hidden (view full) ---

216
217 mtx_destroy(&ugidfw_mtx);
218}
219
220static int
221ugidfw_rulecheck(struct mac_bsdextended_rule *rule,
222 struct ucred *cred, struct vnode *vp, struct vattr *vap, int acc_mode)
223{
224 int match;
224 int mac_granted, match, priv_granted;
225 int i;
226
227 /*
228 * Is there a subject match?
229 */
230 mtx_assert(&ugidfw_mtx, MA_OWNED);
231 if (rule->mbr_subject.mbs_flags & MBS_UID_DEFINED) {
232 match = ((cred->cr_uid <= rule->mbr_subject.mbs_uid_max &&

--- 134 unchanged lines hidden (view full) ---

367 }
368 if (rule->mbr_object.mbo_neg & MBO_TYPE_DEFINED)
369 match = !match;
370 if (!match)
371 return (0);
372 }
373
374 /*
225 int i;
226
227 /*
228 * Is there a subject match?
229 */
230 mtx_assert(&ugidfw_mtx, MA_OWNED);
231 if (rule->mbr_subject.mbs_flags & MBS_UID_DEFINED) {
232 match = ((cred->cr_uid <= rule->mbr_subject.mbs_uid_max &&

--- 134 unchanged lines hidden (view full) ---

367 }
368 if (rule->mbr_object.mbo_neg & MBO_TYPE_DEFINED)
369 match = !match;
370 if (!match)
371 return (0);
372 }
373
374 /*
375 * MBI_APPEND should not be here as it should get converted to
376 * MBI_WRITE.
377 */
378 priv_granted = 0;
379 mac_granted = rule->mbr_mode;
380 if ((acc_mode & MBI_ADMIN) && (mac_granted & MBI_ADMIN) == 0 &&
381 priv_check_cred(cred, PRIV_VFS_ADMIN, 0) == 0)
382 priv_granted |= MBI_ADMIN;
383 if ((acc_mode & MBI_EXEC) && (mac_granted & MBI_EXEC) == 0 &&
384 priv_check_cred(cred, (vap->va_type == VDIR) ? PRIV_VFS_LOOKUP :
385 PRIV_VFS_EXEC, 0) == 0)
386 priv_granted |= MBI_EXEC;
387 if ((acc_mode & MBI_READ) && (mac_granted & MBI_READ) == 0 &&
388 priv_check_cred(cred, PRIV_VFS_READ, 0) == 0)
389 priv_granted |= MBI_READ;
390 if ((acc_mode & MBI_STAT) && (mac_granted & MBI_STAT) == 0 &&
391 priv_check_cred(cred, PRIV_VFS_STAT, 0) == 0)
392 priv_granted |= MBI_STAT;
393 if ((acc_mode & MBI_WRITE) && (mac_granted & MBI_WRITE) == 0 &&
394 priv_check_cred(cred, PRIV_VFS_WRITE, 0) == 0)
395 priv_granted |= MBI_WRITE;
396 /*
375 * Is the access permitted?
376 */
397 * Is the access permitted?
398 */
377 if ((rule->mbr_mode & acc_mode) != acc_mode) {
399 if (((mac_granted | priv_granted) & acc_mode) != acc_mode) {
378 if (ugidfw_logging)
379 log(LOG_AUTHPRIV, "mac_bsdextended: %d:%d request %d"
380 " on %d:%d failed. \n", cred->cr_ruid,
381 cred->cr_rgid, acc_mode, vap->va_uid,
382 vap->va_gid);
383 return (EACCES);
384 }
385

--- 9 unchanged lines hidden (view full) ---

395
396static int
397ugidfw_check(struct ucred *cred, struct vnode *vp, struct vattr *vap,
398 int acc_mode)
399{
400 int error, i;
401
402 /*
400 if (ugidfw_logging)
401 log(LOG_AUTHPRIV, "mac_bsdextended: %d:%d request %d"
402 " on %d:%d failed. \n", cred->cr_ruid,
403 cred->cr_rgid, acc_mode, vap->va_uid,
404 vap->va_gid);
405 return (EACCES);
406 }
407

--- 9 unchanged lines hidden (view full) ---

417
418static int
419ugidfw_check(struct ucred *cred, struct vnode *vp, struct vattr *vap,
420 int acc_mode)
421{
422 int error, i;
423
424 /*
403 * XXXRW: More specific privilege selection needed.
404 */
405 if (suser_cred(cred, 0) == 0)
406 return (0);
407
408 /*
409 * Since we do not separately handle append, map append to write.
410 */
411 if (acc_mode & MBI_APPEND) {
412 acc_mode &= ~MBI_APPEND;
413 acc_mode |= MBI_WRITE;
414 }
415 mtx_lock(&ugidfw_mtx);
416 for (i = 0; i < rule_slots; i++) {

--- 336 unchanged lines hidden ---
425 * Since we do not separately handle append, map append to write.
426 */
427 if (acc_mode & MBI_APPEND) {
428 acc_mode &= ~MBI_APPEND;
429 acc_mode |= MBI_WRITE;
430 }
431 mtx_lock(&ugidfw_mtx);
432 for (i = 0; i < rule_slots; i++) {

--- 336 unchanged lines hidden ---
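Review bot: The comment at new lines 374-377 states that MBI_APPEND must already have been folded into MBI_WRITE before ugidfw_rulecheck runs, but nothing in the function enforces it; because the new per-bit privilege table has no entry for append, a stray MBI_APPEND bit would simply be denied at the check on new line 399 with no diagnostic pointing at the real cause. A `KASSERT((acc_mode & MBI_APPEND) == 0, ("ugidfw_rulecheck: MBI_APPEND not mapped to MBI_WRITE"));` beside that comment would make the contract explicit and fail loudly in debug kernels. Note also that priv_granted depends only on cred, acc_mode and vap->va_type, yet it is recomputed — up to five priv_check_cred() calls, while ugidfw_mtx is held (mtx_assert on line 230) — for every rule that survives the subject/object match in the caller's loop; computing it once in ugidfw_check before the loop would avoid the repeated work, though that is a clarity/performance point rather than a correctness one. With the suser_cred() short-circuit removed from ugidfw_check (old lines 402-406), these per-bit checks are now the only privilege path, and ugidfw_check's body continues past the end of the hunk.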