[src/trunk]: src/sys Move policies for KAUTH_PROCESS_{CANSEE, CORENAME, STOPFLA...
details: https://anonhg.NetBSD.org/src/rev/4a750ca4aa65
branches: trunk
changeset: 747850:4a750ca4aa65
user: elad <elad%NetBSD.org@localhost>
date: Sat Oct 03 03:38:31 2009 +0000
description:
Move policies for KAUTH_PROCESS_{CANSEE,CORENAME,STOPFLAG,FORK} back to
the subsystem.
Note: Consider killing the signal listener and sticking
KAUTH_PROCESS_SIGNAL here as well.
diffstat:
sys/kern/kern_proc.c | 81 ++++++++++++++++++++++++++++++++++++-
sys/secmodel/suser/secmodel_suser.c | 56 ++++++------------------
2 files changed, 94 insertions(+), 43 deletions(-)
diffs (211 lines):
diff -r 1ad3db30ed15 -r 4a750ca4aa65 sys/kern/kern_proc.c
--- a/sys/kern/kern_proc.c Sat Oct 03 03:02:55 2009 +0000
+++ b/sys/kern/kern_proc.c Sat Oct 03 03:38:31 2009 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: kern_proc.c,v 1.152 2009/05/23 18:28:06 ad Exp $ */
+/* $NetBSD: kern_proc.c,v 1.153 2009/10/03 03:38:31 elad Exp $ */
/*-
* Copyright (c) 1999, 2006, 2007, 2008 The NetBSD Foundation, Inc.
@@ -62,7 +62,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_proc.c,v 1.152 2009/05/23 18:28:06 ad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_proc.c,v 1.153 2009/10/03 03:38:31 elad Exp $");
#include "opt_kstack.h"
#include "opt_maxuprc.h"
@@ -235,6 +235,80 @@
static pool_cache_t proc_cache;
+static kauth_listener_t proc_listener;
+
+static int
+proc_listener_cb(kauth_cred_t cred, kauth_action_t action, void *cookie,
+ void *arg0, void *arg1, void *arg2, void *arg3)
+{
+ struct proc *p;
+ int result;
+
+ result = KAUTH_RESULT_DEFER;
+ p = arg0;
+
+ switch (action) {
+ case KAUTH_PROCESS_CANSEE: {
+ enum kauth_process_req req;
+
+ req = (enum kauth_process_req)arg1;
+
+ switch (req) {
+ case KAUTH_REQ_PROCESS_CANSEE_ARGS:
+ case KAUTH_REQ_PROCESS_CANSEE_ENTRY:
+ case KAUTH_REQ_PROCESS_CANSEE_OPENFILES:
+ result = KAUTH_RESULT_ALLOW;
+
+ break;
+
+ case KAUTH_REQ_PROCESS_CANSEE_ENV:
+ if (kauth_cred_getuid(cred) !=
+ kauth_cred_getuid(p->p_cred) ||
+ kauth_cred_getuid(cred) !=
+ kauth_cred_getsvuid(p->p_cred))
+ break;
+
+ result = KAUTH_RESULT_ALLOW;
+
+ break;
+
+ default:
+ break;
+ }
+
+ break;
+ }
+
+ case KAUTH_PROCESS_FORK: {
+ int lnprocs = (int)(unsigned long)arg2;
+
+ /*
+ * Don't allow a nonprivileged user to use the last few
+ * processes. The variable lnprocs is the current number of
+ * processes, maxproc is the limit.
+ */
+ if (__predict_false((lnprocs >= maxproc - 5)))
+ break;
+
+ result = KAUTH_RESULT_ALLOW;
+
+ break;
+ }
+
+ case KAUTH_PROCESS_CORENAME:
+ case KAUTH_PROCESS_STOPFLAG:
+ if (proc_uidmatch(cred, p->p_cred) == 0)
+ result = KAUTH_RESULT_ALLOW;
+
+ break;
+
+ default:
+ break;
+ }
+
+ return result;
+}
+
/*
* Initialize global process hashing structures.
*/
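Review bot: proc_listener_cb has no header comment stating its result contract. Every path in the hunk returns either KAUTH_RESULT_ALLOW or the initial KAUTH_RESULT_DEFER, never DENY, and the ARGS/ENTRY/OPENFILES case allows unconditionally. A restriction such as the curtain check therefore has to come from another listener returning DENY, which presumably overrides this ALLOW; the rule for combining listener results is not visible in this diff. I would add above the function `/* Default process-scope policy: allow what any credential may do, defer the rest; never denies, so restrictions must come from a secmodel listener. */`.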
@@ -272,6 +346,9 @@
proc_cache = pool_cache_init(sizeof(struct proc), 0, 0, 0,
"procpl", NULL, IPL_NONE, NULL, NULL, NULL);
+
+ proc_listener = kauth_listen_scope(KAUTH_SCOPE_PROCESS,
+ proc_listener_cb, NULL);
}
/*
diff -r 1ad3db30ed15 -r 4a750ca4aa65 sys/secmodel/suser/secmodel_suser.c
--- a/sys/secmodel/suser/secmodel_suser.c Sat Oct 03 03:02:55 2009 +0000
+++ b/sys/secmodel/suser/secmodel_suser.c Sat Oct 03 03:38:31 2009 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: secmodel_suser.c,v 1.24 2009/10/03 03:02:55 elad Exp $ */
+/* $NetBSD: secmodel_suser.c,v 1.25 2009/10/03 03:38:31 elad Exp $ */
/*-
* Copyright (c) 2006 Elad Efrat <elad%NetBSD.org@localhost>
* All rights reserved.
@@ -38,7 +38,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: secmodel_suser.c,v 1.24 2009/10/03 03:02:55 elad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: secmodel_suser.c,v 1.25 2009/10/03 03:38:31 elad Exp $");
#include <sys/types.h>
#include <sys/param.h>
@@ -496,6 +496,9 @@
case KAUTH_PROCESS_SETID:
case KAUTH_PROCESS_KEVENT_FILTER:
case KAUTH_PROCESS_NICE:
+ case KAUTH_PROCESS_FORK:
+ case KAUTH_PROCESS_CORENAME:
+ case KAUTH_PROCESS_STOPFLAG:
if (isroot)
result = KAUTH_RESULT_ALLOW;
@@ -510,20 +513,20 @@
case KAUTH_REQ_PROCESS_CANSEE_ARGS:
case KAUTH_REQ_PROCESS_CANSEE_ENTRY:
case KAUTH_REQ_PROCESS_CANSEE_OPENFILES:
- if (!secmodel_suser_curtain)
+ if (isroot) {
result = KAUTH_RESULT_ALLOW;
- else if (isroot || kauth_cred_uidmatch(cred, p->p_cred))
- result = KAUTH_RESULT_ALLOW;
+ break;
+ }
+
+ if (secmodel_suser_curtain) {
+ if (kauth_cred_uidmatch(cred, p->p_cred) != 0)
+ result = KAUTH_RESULT_DENY;
+ }
+
break;
case KAUTH_REQ_PROCESS_CANSEE_ENV:
- if (!isroot &&
- (kauth_cred_getuid(cred) !=
- kauth_cred_getuid(p->p_cred) ||
- kauth_cred_getuid(cred) !=
- kauth_cred_getsvuid(p->p_cred)))
- break;
- else
+ if (isroot)
result = KAUTH_RESULT_ALLOW;
break;
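Review bot: The added curtain check `if (kauth_cred_uidmatch(cred, p->p_cred) != 0) result = KAUTH_RESULT_DENY;` appears to invert the sense of the test it replaces. The removed line `else if (isroot || kauth_cred_uidmatch(cred, p->p_cred))` treated a non-zero return as a match and allowed the request, while the new line treats non-zero as a mismatch and denies it. If the helper's return convention is unchanged, then with the curtain enabled a process's owner is denied, while other users fall through to DEFER and rely on the unconditional ALLOW added in kern_proc.c. The check should probably read `if (!kauth_cred_uidmatch(cred, p->p_cred))`. A short comment would help too, since proc_uidmatch() in this same commit uses `== 0` to mean a match. The enclosing switch starts and ends outside the hunk.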
@@ -535,28 +538,6 @@
break;
}
- case KAUTH_PROCESS_CORENAME:
- if (isroot || proc_uidmatch(cred, p->p_cred) == 0)
- result = KAUTH_RESULT_ALLOW;
-
- break;
-
- case KAUTH_PROCESS_FORK: {
- int lnprocs = (int)(unsigned long)arg2;
-
- /*
- * Don't allow a nonprivileged user to use the last few
- * processes. The variable lnprocs is the current number of
- * processes, maxproc is the limit.
- */
- if (__predict_false((lnprocs >= maxproc - 5) && !isroot))
- break;
- else
- result = KAUTH_RESULT_ALLOW;
-
- break;
- }
-
case KAUTH_PROCESS_RLIMIT: {
enum kauth_process_req req;
@@ -577,13 +558,6 @@
break;
}
- case KAUTH_PROCESS_STOPFLAG:
- if (isroot || proc_uidmatch(cred, p->p_cred) == 0) {
- result = KAUTH_RESULT_ALLOW;
- break;
- }
- break;
-
default:
break;
}