mac_seeotheruids.c (172930) | mac_seeotheruids.c (172955) |
---|---|
1/*- 2 * Copyright (c) 1999-2002, 2007 Robert N. M. Watson 3 * Copyright (c) 2001-2002 Networks Associates Technology, Inc. 4 * Copyright (c) 2006 SPARTA, Inc. 5 * All rights reserved. 6 * 7 * This software was developed by Robert Watson for the TrustedBSD Project. 8 * --- 21 unchanged lines hidden (view full) --- 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * | 1/*- 2 * Copyright (c) 1999-2002, 2007 Robert N. M. Watson 3 * Copyright (c) 2001-2002 Networks Associates Technology, Inc. 4 * Copyright (c) 2006 SPARTA, Inc. 5 * All rights reserved. 6 * 7 * This software was developed by Robert Watson for the TrustedBSD Project. 8 * --- 21 unchanged lines hidden (view full) --- 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * |
38 * $FreeBSD: head/sys/security/mac_seeotheruids/mac_seeotheruids.c 172930 2007-10-24 19:04:04Z rwatson $ | 38 * $FreeBSD: head/sys/security/mac_seeotheruids/mac_seeotheruids.c 172955 2007-10-25 11:31:11Z rwatson $ |
39 */ 40 41/* 42 * Developed by the TrustedBSD Project. 43 * 44 * Prevent processes owned by a particular uid from seeing various transient 45 * kernel objects associated with other uids. 46 */ --- 9 unchanged lines hidden (view full) --- 56 57#include <security/mac/mac_policy.h> 58 59SYSCTL_DECL(_security_mac); 60 61SYSCTL_NODE(_security_mac, OID_AUTO, seeotheruids, CTLFLAG_RW, 0, 62 "TrustedBSD mac_seeotheruids policy controls"); 63 | 39 */ 40 41/* 42 * Developed by the TrustedBSD Project. 43 * 44 * Prevent processes owned by a particular uid from seeing various transient 45 * kernel objects associated with other uids. 46 */ --- 9 unchanged lines hidden (view full) --- 56 57#include <security/mac/mac_policy.h> 58 59SYSCTL_DECL(_security_mac); 60 61SYSCTL_NODE(_security_mac, OID_AUTO, seeotheruids, CTLFLAG_RW, 0, 62 "TrustedBSD mac_seeotheruids policy controls"); 63 |
64static int mac_seeotheruids_enabled = 1; | 64static int seeotheruids_enabled = 1; |
65SYSCTL_INT(_security_mac_seeotheruids, OID_AUTO, enabled, CTLFLAG_RW, | 65SYSCTL_INT(_security_mac_seeotheruids, OID_AUTO, enabled, CTLFLAG_RW, |
66 &mac_seeotheruids_enabled, 0, "Enforce seeotheruids policy"); | 66 &seeotheruids_enabled, 0, "Enforce seeotheruids policy"); |
67 68/* 69 * Exception: allow credentials to be aware of other credentials with the 70 * same primary gid. 71 */ 72static int primarygroup_enabled = 0; 73SYSCTL_INT(_security_mac_seeotheruids, OID_AUTO, primarygroup_enabled, 74 CTLFLAG_RW, &primarygroup_enabled, 0, "Make an exception for credentials " --- 17 unchanged lines hidden (view full) --- 92 CTLFLAG_RW, &specificgid_enabled, 0, "Make an exception for credentials " 93 "with a specific gid as their real primary group id or group set"); 94 95static gid_t specificgid = 0; 96SYSCTL_INT(_security_mac_seeotheruids, OID_AUTO, specificgid, CTLFLAG_RW, 97 &specificgid, 0, "Specific gid to be exempt from seeotheruids policy"); 98 99static int | 67 68/* 69 * Exception: allow credentials to be aware of other credentials with the 70 * same primary gid. 71 */ 72static int primarygroup_enabled = 0; 73SYSCTL_INT(_security_mac_seeotheruids, OID_AUTO, primarygroup_enabled, 74 CTLFLAG_RW, &primarygroup_enabled, 0, "Make an exception for credentials " --- 17 unchanged lines hidden (view full) --- 92 CTLFLAG_RW, &specificgid_enabled, 0, "Make an exception for credentials " 93 "with a specific gid as their real primary group id or group set"); 94 95static gid_t specificgid = 0; 96SYSCTL_INT(_security_mac_seeotheruids, OID_AUTO, specificgid, CTLFLAG_RW, 97 &specificgid, 0, "Specific gid to be exempt from seeotheruids policy"); 98 99static int |
100mac_seeotheruids_check(struct ucred *cr1, struct ucred *cr2) | 100seeotheruids_check(struct ucred *cr1, struct ucred *cr2) |
101{ 102 | 101{ 102 |
103 if (!mac_seeotheruids_enabled) | 103 if (!seeotheruids_enabled) |
104 return (0); 105 106 if (primarygroup_enabled) { 107 if (cr1->cr_rgid == cr2->cr_rgid) 108 return (0); 109 } 110 111 if (specificgid_enabled) { --- 9 unchanged lines hidden (view full) --- 121 if (priv_check_cred(cr1, PRIV_SEEOTHERUIDS, 0) == 0) 122 return (0); 123 } 124 125 return (ESRCH); 126} 127 128static int | 104 return (0); 105 106 if (primarygroup_enabled) { 107 if (cr1->cr_rgid == cr2->cr_rgid) 108 return (0); 109 } 110 111 if (specificgid_enabled) { --- 9 unchanged lines hidden (view full) --- 121 if (priv_check_cred(cr1, PRIV_SEEOTHERUIDS, 0) == 0) 122 return (0); 123 } 124 125 return (ESRCH); 126} 127 128static int |
129mac_seeotheruids_cred_check_visible(struct ucred *cr1, struct ucred *cr2) | 129seeotheruids_cred_check_visible(struct ucred *cr1, struct ucred *cr2) |
130{ 131 | 130{ 131 |
132 return (mac_seeotheruids_check(cr1, cr2)); | 132 return (seeotheruids_check(cr1, cr2)); |
133} 134 135static int | 133} 134 135static int |
136mac_seeotheruids_proc_check_signal(struct ucred *cred, struct proc *p, | 136seeotheruids_proc_check_signal(struct ucred *cred, struct proc *p, |
137 int signum) 138{ 139 | 137 int signum) 138{ 139 |
140 return (mac_seeotheruids_check(cred, p->p_ucred)); | 140 return (seeotheruids_check(cred, p->p_ucred)); |
141} 142 143static int | 141} 142 143static int |
144mac_seeotheruids_proc_check_sched(struct ucred *cred, struct proc *p) | 144seeotheruids_proc_check_sched(struct ucred *cred, struct proc *p) |
145{ 146 | 145{ 146 |
147 return (mac_seeotheruids_check(cred, p->p_ucred)); | 147 return (seeotheruids_check(cred, p->p_ucred)); |
148} 149 150static int | 148} 149 150static int |
151mac_seeotheruids_proc_check_debug(struct ucred *cred, struct proc *p) | 151seeotheruids_proc_check_debug(struct ucred *cred, struct proc *p) |
152{ 153 | 152{ 153 |
154 return (mac_seeotheruids_check(cred, p->p_ucred)); | 154 return (seeotheruids_check(cred, p->p_ucred)); |
155} 156 157static int | 155} 156 157static int |
158mac_seeotheruids_socket_check_visible(struct ucred *cred, struct socket *so, | 158seeotheruids_socket_check_visible(struct ucred *cred, struct socket *so, |
159 struct label *solabel) 160{ 161 | 159 struct label *solabel) 160{ 161 |
162 return (mac_seeotheruids_check(cred, so->so_cred)); | 162 return (seeotheruids_check(cred, so->so_cred)); |
163} 164 | 163} 164 |
165static struct mac_policy_ops mac_seeotheruids_ops = | 165static struct mac_policy_ops seeotheruids_ops = |
166{ | 166{ |
167 .mpo_cred_check_visible = mac_seeotheruids_cred_check_visible, 168 .mpo_proc_check_debug = mac_seeotheruids_proc_check_debug, 169 .mpo_proc_check_sched = mac_seeotheruids_proc_check_sched, 170 .mpo_proc_check_signal = mac_seeotheruids_proc_check_signal, 171 .mpo_socket_check_visible = mac_seeotheruids_socket_check_visible, | 167 .mpo_cred_check_visible = seeotheruids_cred_check_visible, 168 .mpo_proc_check_debug = seeotheruids_proc_check_debug, 169 .mpo_proc_check_sched = seeotheruids_proc_check_sched, 170 .mpo_proc_check_signal = seeotheruids_proc_check_signal, 171 .mpo_socket_check_visible = seeotheruids_socket_check_visible, |
172}; 173 | 172}; 173 |
174MAC_POLICY_SET(&mac_seeotheruids_ops, mac_seeotheruids, | 174MAC_POLICY_SET(&seeotheruids_ops, mac_seeotheruids, |
175 "TrustedBSD MAC/seeotheruids", MPC_LOADTIME_FLAG_UNLOADOK, NULL); | 175 "TrustedBSD MAC/seeotheruids", MPC_LOADTIME_FLAG_UNLOADOK, NULL); |