cap_getname.c

00001 /********************************** */
00002 /* Rule Set Based Access Control    */
00003 /* Author and (c) 1999-2005:        */
00004 /*   Amon Ott <ao@rsbac.org>        */
00005 /* Getname functions for CAP module */
00006 /* Last modified: 27/May/2005       */
00007 /********************************** */
00008 
00009 #include <rsbac/getname.h>
00010 #include <rsbac/cap_getname.h>
00011 #include <rsbac/helpers.h>
00012 #include <rsbac/error.h>
00013 
00014 #ifdef __KERNEL__
00015 #include <linux/sched.h>
00016 #include <linux/string.h>
00017 #include <rsbac/rkmem.h>
00018 #include <rsbac/debug.h>
00019 #include <rsbac/aci.h>
00020 #else
00021 #include <string.h>
00022 #endif
00023 
00024 /*****************************************/
00025 
00026 #ifdef __KERNEL__
00027 #ifdef CONFIG_RSBAC_CAP_LOG_MISSING
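/*
 * Log a debug line for each RSBAC CAP maximum set of the current process
 * that does not contain capability number `cap`.
 *
 * The function reads A_max_caps_user and A_max_caps_program for
 * current->pid. A failed attribute lookup is reported through
 * rsbac_ds_get_error() and that set is skipped. The "capable():" prefix in
 * the messages suggests this is called from the capable() path; confirm
 * against the caller.
 *
 * cap is used as a bit index, so it is range-checked before any shift:
 * a negative or too-large shift count is undefined behaviour, and 1 << 31
 * on a signed int overflows.
 */
void rsbac_cap_log_missing_cap(int cap)
  {
    char * tmp;
    union rsbac_target_id_t       i_tid;
    union rsbac_attribute_value_t i_attr_val1;
    unsigned int                  cap_mask;

    /* Disabled by the author (#if 0); kept as found. */
#if 0 && LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
    if(cap == CAP_SYS_ADMIN)
      return;
#endif

    /* The bit must exist in the mask type and in both vectors.
     * NOTE(review): this assumes the vectors are no wider than unsigned int;
     * confirm against the declaration of union rsbac_attribute_value_t. */
    if(   cap < 0
       || (unsigned int) cap >= 8 * sizeof(cap_mask)
       || (unsigned int) cap >= 8 * sizeof(i_attr_val1.max_caps_user)
       || (unsigned int) cap >= 8 * sizeof(i_attr_val1.max_caps_program))
      {
        rsbac_printk(KERN_WARNING
                     "rsbac_cap_log_missing_cap(): capability number %i out of range, not checked!\n",
                     cap);
        return;
      }
    cap_mask = 1U << cap;

    i_tid.process = current->pid;

    /* First check: the per-user maximum capability set. */
    if (rsbac_get_attr(CAP,
                       T_PROCESS,
                       i_tid,
                       A_max_caps_user,
                       &i_attr_val1,
                       FALSE))
      {
        rsbac_ds_get_error("rsbac_cap_log_missing_cap()", A_max_caps_user);
      }
    else
      {
        if(!(i_attr_val1.max_caps_user & cap_mask))
          {
            tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
            if(tmp)
              {
                get_cap_name(tmp, cap);
                rsbac_printk(KERN_DEBUG
                             "capable(): pid %u(%.15s), uid %u: missing user max_cap %s!\n",
                             current->pid, current->comm,
                             current->uid,
                             tmp);
                rsbac_kfree(tmp);
              }
            else
              {
                /* Keep the log entry when the name buffer cannot be
                 * allocated; fall back to the raw capability number. */
                rsbac_printk(KERN_DEBUG
                             "capable(): pid %u(%.15s), uid %u: missing user max_cap %i!\n",
                             current->pid, current->comm,
                             current->uid,
                             cap);
              }
          }
      }

    /* Second check: the per-program maximum capability set. */
    if (rsbac_get_attr(CAP,
                       T_PROCESS,
                       i_tid,
                       A_max_caps_program,
                       &i_attr_val1,
                       FALSE))
      {
        rsbac_ds_get_error("rsbac_cap_log_missing_cap()", A_max_caps_program);
      }
    else
      {
        if(!(i_attr_val1.max_caps_program & cap_mask))
          {
            tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
            if(tmp)
              {
                get_cap_name(tmp, cap);
                rsbac_printk(KERN_DEBUG
                             "capable(): pid %u(%.15s), uid %u: missing program max_cap %s!\n",
                             current->pid, current->comm,
                             current->uid,
                             tmp);
                rsbac_kfree(tmp);
              }
            else
              {
                /* Same fallback as above: log the number when the name
                 * buffer is unavailable. */
                rsbac_printk(KERN_DEBUG
                             "capable(): pid %u(%.15s), uid %u: missing program max_cap %i!\n",
                             current->pid, current->comm,
                             current->uid,
                             cap);
              }
          }
      }
  }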
00093 #endif
00094 #endif
00095 
