/daten/src/linux-2.4.27-rsbac-v1.2.3/rsbac/adf/auth/auth_main.c

Go to the documentation of this file.
00001 /**************************************************** */ 00002 /* Rule Set Based Access Control */ 00003 /* Implementation of the Access Control Decision */ 00004 /* Facility (ADF) - Authorization module */ 00005 /* File: rsbac/adf/auth/main.c */ 00006 /* */ 00007 /* Author and (c) 1999-2004: Amon Ott <ao@rsbac.org> */ 00008 /* */ 00009 /* Last modified: 26/Apr/2004 */ 00010 /**************************************************** */ 00011 00012 #include <linux/string.h> 00013 #include <rsbac/types.h> 00014 #include <rsbac/aci.h> 00015 #include <rsbac/auth.h> 00016 #include <rsbac/adf_main.h> 00017 #include <rsbac/error.h> 00018 #include <rsbac/helpers.h> 00019 #include <rsbac/getname.h> 00020 #include <rsbac/debug.h> 00021 00022 /************************************************* */ 00023 /* Global Variables */ 00024 /************************************************* */ 00025 00026 /************************************************* */ 00027 /* Internal Help functions */ 00028 /************************************************* */ 00029 00030 static int rsbac_replace_auth_cap(rsbac_pid_t caller_pid, 00031 enum rsbac_auth_cap_type_t cap_type, 00032 rsbac_uid_t from, 00033 rsbac_uid_t to) 00034 { 00035 if(rsbac_auth_p_capset_member(caller_pid, cap_type, from)) 00036 { 00037 struct rsbac_auth_cap_range_t cap_range; 00038 00039 /* remove it and set cap for 'to' */ 00040 cap_range.first = to; 00041 cap_range.last = to; 00042 if (rsbac_auth_add_to_p_capset(caller_pid, cap_type, cap_range, 0)) 00043 { 00044 printk(KERN_WARNING 00045 "rsbac_adf_set_attr_auth(): rsbac_auth_add_to_p_capset() returned error!\n"); 00046 return(-RSBAC_EWRITEFAILED); 00047 } 00048 cap_range.first = from; 00049 cap_range.last = from; 00050 if (rsbac_auth_remove_from_p_capset(caller_pid, cap_type, cap_range)) 00051 { 00052 printk(KERN_WARNING 00053 "rsbac_adf_set_attr_auth(): rsbac_auth_remove_from_p_capset() returned error!\n"); 00054 return(-RSBAC_EWRITEFAILED); 00055 } 00056 } 00057 return 0; /* success */ 00058 } 00059 00060 /************************************************* */ 00061 /* Externally visible functions */ 00062 /************************************************* */ 00063 00064 enum rsbac_adf_req_ret_t 00065 rsbac_adf_request_auth (enum rsbac_adf_request_t request, 00066 rsbac_pid_t caller_pid, 00067 enum rsbac_target_t target, 00068 union rsbac_target_id_t tid, 00069 enum rsbac_attribute_t attr, 00070 union rsbac_attribute_value_t attr_val, 00071 rsbac_uid_t owner) 00072 { 00073 enum rsbac_adf_req_ret_t result = DO_NOT_CARE; 00074 union rsbac_attribute_value_t i_attr_val1; 00075 #ifdef CONFIG_RSBAC_AUTH_AUTH_PROT 00076 union rsbac_target_id_t i_tid; 00077 int err=0; 00078 #endif 00079 00080 switch (request) 00081 { 00082 case R_CHANGE_OWNER: 00083 switch(target) 00084 { 00085 case T_PROCESS: 00086 if(attr != A_owner) 00087 return(UNDEFINED); 00088 /* check auth_may_setuid of process */ 00089 if (rsbac_get_attr(AUTH, 00090 T_PROCESS, 00091 tid, 00092 A_auth_may_setuid, 00093 &i_attr_val1, 00094 FALSE)) 00095 { 00096 rsbac_ds_get_error("rsbac_adf_request_auth()", A_auth_may_setuid); 00097 return(NOT_GRANTED); 00098 } 00099 /* if auth_may_setuid is set, then grant */ 00100 if (i_attr_val1.auth_may_setuid) 00101 return(GRANTED); 00102 00103 /* check, if the target uid is in capset, grant, if yes, deny, if not. */ 00104 if(rsbac_auth_p_capset_member(caller_pid, ACT_real, attr_val.owner)) 00105 return(GRANTED); 00106 else 00107 return(NOT_GRANTED); 00108 00109 /* all other cases are not checked */ 00110 default: 00111 return(DO_NOT_CARE); 00112 } 00113 00114 #ifdef CONFIG_RSBAC_AUTH_DAC_OWNER 00115 case R_CHANGE_DAC_EFF_OWNER: 00116 switch(target) 00117 { 00118 case T_PROCESS: 00119 if(attr != A_owner) 00120 return(UNDEFINED); 00121 if(i_attr_val1.owner == owner) 00122 return DO_NOT_CARE; 00123 /* check auth_may_setuid of process */ 00124 if (rsbac_get_attr(AUTH, 00125 T_PROCESS, 00126 tid, 00127 A_auth_may_setuid, 00128 &i_attr_val1, 00129 FALSE)) 00130 { 00131 rsbac_ds_get_error("rsbac_adf_request_auth()", A_auth_may_setuid); 00132 return(NOT_GRANTED); 00133 } 00134 /* if auth_may_setuid is set, then grant */ 00135 if (i_attr_val1.auth_may_setuid) 00136 return(GRANTED); 00137 00138 /* check, if the target uid is in capset, grant, if yes, deny, if not. */ 00139 if(rsbac_auth_p_capset_member(caller_pid, ACT_eff, attr_val.owner)) 00140 return(GRANTED); 00141 else 00142 return(NOT_GRANTED); 00143 00144 /* all other cases are not checked */ 00145 default: 00146 return(DO_NOT_CARE); 00147 } 00148 case R_CHANGE_DAC_FS_OWNER: 00149 switch(target) 00150 { 00151 case T_PROCESS: 00152 if(attr != A_owner) 00153 return(UNDEFINED); 00154 if(i_attr_val1.owner == owner) 00155 return DO_NOT_CARE; 00156 /* check auth_may_setuid of process */ 00157 if (rsbac_get_attr(AUTH, 00158 T_PROCESS, 00159 tid, 00160 A_auth_may_setuid, 00161 &i_attr_val1, 00162 FALSE)) 00163 { 00164 rsbac_ds_get_error("rsbac_adf_request_auth()", A_auth_may_setuid); 00165 return(NOT_GRANTED); 00166 } 00167 /* if auth_may_setuid is set, then grant */ 00168 if (i_attr_val1.auth_may_setuid) 00169 return(GRANTED); 00170 00171 /* check, if the target uid is in capset, grant, if yes, deny, if not. */ 00172 if(rsbac_auth_p_capset_member(caller_pid, ACT_fs, attr_val.owner)) 00173 return(GRANTED); 00174 else 00175 return(NOT_GRANTED); 00176 00177 /* all other cases are not checked */ 00178 default: 00179 return(DO_NOT_CARE); 00180 } 00181 #endif 00182 00183 case R_MODIFY_ATTRIBUTE: 00184 switch(attr) 00185 { 00186 /* Only protect itself, if asked to by configuration */ 00187 #ifdef CONFIG_RSBAC_AUTH_AUTH_PROT 00188 case A_system_role: 00189 case A_auth_role: 00190 case A_auth_may_setuid: 00191 case A_auth_may_set_cap: 00192 case A_auth_start_uid: 00193 case A_auth_learn: 00194 case A_auth_program_file: 00195 case A_auth_add_f_cap: 00196 case A_auth_remove_f_cap: 00197 /* All attributes (remove target!) */ 00198 case A_none: 00199 /* Security Officer? */ 00200 i_tid.user = owner; 00201 if (rsbac_get_attr(AUTH, 00202 T_USER, 00203 i_tid, 00204 A_auth_role, 00205 &i_attr_val1, 00206 TRUE)) 00207 { 00208 rsbac_ds_get_error("rsbac_adf_request_auth()", A_auth_role); 00209 return(NOT_GRANTED); 00210 } 00211 /* if sec_officer, then grant */ 00212 if (i_attr_val1.system_role == SR_security_officer) 00213 return(GRANTED); 00214 else 00215 return(NOT_GRANTED); 00216 #endif 00217 00218 default: 00219 return(DO_NOT_CARE); 00220 } 00221 00222 /* Only protect itself, if asked to by configuration */ 00223 #ifdef CONFIG_RSBAC_AUTH_AUTH_PROT 00224 case R_GET_STATUS_DATA: 00225 switch(target) 00226 { 00227 case T_SCD: 00228 /* target rsbaclog? only for secoff */ 00229 if (tid.scd != ST_rsbaclog) 00230 return(GRANTED); 00231 /* Secoff or Auditor? */ 00232 i_tid.user = owner; 00233 if ((err=rsbac_get_attr(AUTH, 00234 T_USER, 00235 i_tid, 00236 A_auth_role, 00237 &i_attr_val1, 00238 TRUE))) 00239 { 00240 rsbac_ds_get_error("rsbac_adf_request_auth()", A_auth_role); 00241 return(NOT_GRANTED); 00242 } 00243 /* grant only for secoff */ 00244 if ( (i_attr_val1.system_role == SR_security_officer) 00245 || (i_attr_val1.system_role == SR_auditor) 00246 ) 00247 return(GRANTED); 00248 else 00249 return(NOT_GRANTED); 00250 00251 default: 00252 return(DO_NOT_CARE); 00253 }; 00254 00255 case R_MODIFY_PERMISSIONS_DATA: 00256 switch(target) 00257 { 00258 case T_SCD: 00259 #ifdef CONFIG_RSBAC_USER_MOD_IOPERM 00260 if(tid.scd == ST_ioports) 00261 return GRANTED; 00262 #endif 00263 /* Security Officer? */ 00264 i_tid.user = owner; 00265 if (rsbac_get_attr(AUTH, 00266 T_USER, 00267 i_tid, 00268 A_auth_role, 00269 &i_attr_val1, 00270 TRUE)) 00271 { 00272 rsbac_ds_get_error("rsbac_adf_request_auth()", A_auth_role); 00273 return(NOT_GRANTED); 00274 } 00275 /* if sec_officer, then grant */ 00276 if (i_attr_val1.system_role == SR_security_officer) 00277 return(GRANTED); 00278 /* For booting: if administrator and ioports, then grant */ 00279 if ( (i_attr_val1.system_role == SR_administrator) 00280 && (tid.scd == ST_ioports) ) 00281 return(GRANTED); 00282 else 00283 return(NOT_GRANTED); 00284 00285 #ifdef CONFIG_RSBAC_ALLOW_DAC_DISABLE 00286 /* switching Linux DAC */ 00287 case T_NONE: 00288 /* Security Officer? */ 00289 i_tid.user = owner; 00290 if (rsbac_get_attr(AUTH, 00291 T_USER, 00292 i_tid, 00293 A_auth_role, 00294 &i_attr_val1, 00295 TRUE)) 00296 { 00297 rsbac_ds_get_error("rsbac_adf_request_auth()", A_auth_role); 00298 return(NOT_GRANTED); 00299 } 00300 /* if sec_officer, then grant */ 00301 if (i_attr_val1.system_role == SR_security_officer) 00302 return(GRANTED); 00303 else 00304 return(NOT_GRANTED); 00305 #endif 00306 00307 /* all other cases are not checked */ 00308 default: return(DO_NOT_CARE); 00309 } 00310 00311 case R_MODIFY_SYSTEM_DATA: 00312 switch(target) 00313 { 00314 case T_SCD: 00315 /* target not rsbaclog? no problem -> grant */ 00316 if (tid.scd != ST_rsbaclog) 00317 return(GRANTED); 00318 /* Get role */ 00319 i_tid.user = owner; 00320 if (rsbac_get_attr(AUTH, 00321 T_USER, 00322 i_tid, 00323 A_auth_role, 00324 &i_attr_val1, 00325 TRUE)) 00326 { 00327 rsbac_ds_get_error("rsbac_adf_request_auth()", A_auth_role); 00328 return(NOT_GRANTED); 00329 } 00330 /* grant only for secoff and auditor */ 00331 if ( (i_attr_val1.system_role == SR_security_officer) 00332 || (i_attr_val1.system_role == SR_auditor) 00333 ) 00334 return(GRANTED); 00335 else 00336 return(NOT_GRANTED); 00337 00338 /* all other cases are not checked */ 00339 default: return(DO_NOT_CARE); 00340 } 00341 00342 case R_SWITCH_LOG: 00343 switch(target) 00344 { 00345 case T_NONE: 00346 /* test owner's auth_role */ 00347 i_tid.user = owner; 00348 if (rsbac_get_attr(AUTH, 00349 T_USER, 00350 i_tid, 00351 A_auth_role, 00352 &i_attr_val1, 00353 TRUE)) 00354 { 00355 rsbac_ds_get_error("rsbac_adf_request_auth()", A_auth_role); 00356 return(NOT_GRANTED); 00357 } 00358 /* security officer? -> grant */ 00359 if (i_attr_val1.system_role == SR_security_officer) 00360 return(GRANTED); 00361 else 00362 return(NOT_GRANTED); 00363 00364 /* all other cases are not checked */ 00365 default: return(DO_NOT_CARE); 00366 } 00367 00368 case R_SWITCH_MODULE: 00369 switch(target) 00370 { 00371 case T_NONE: 00372 /* we need the switch_target */ 00373 if(attr != A_switch_target) 00374 return(UNDEFINED); 00375 /* do not care for other modules */ 00376 if( (attr_val.switch_target != AUTH) 00377 #ifdef CONFIG_RSBAC_SOFTMODE 00378 && (attr_val.switch_target != SOFTMODE) 00379 #endif 00380 ) 00381 return(DO_NOT_CARE); 00382 /* test owner's auth_role */ 00383 i_tid.user = owner; 00384 if (rsbac_get_attr(AUTH, 00385 T_USER, 00386 i_tid, 00387 A_auth_role, 00388 &i_attr_val1, 00389 TRUE)) 00390 { 00391 rsbac_ds_get_error("rsbac_adf_request_auth()", A_auth_role); 00392 return(NOT_GRANTED); 00393 } 00394 /* security officer? -> grant */ 00395 if (i_attr_val1.system_role == SR_security_officer) 00396 return(GRANTED); 00397 else 00398 return(NOT_GRANTED); 00399 00400 /* all other cases are not checked */ 00401 default: return(DO_NOT_CARE); 00402 } 00403 #endif 00404 00405 /*********************/ 00406 default: return DO_NOT_CARE; 00407 } 00408 00409 return(result); 00410 }; /* end of rsbac_adf_request_auth() */ 00411 00412 00413 /*****************************************************************************/ 00414 /* If the request returned granted and the operation is performed, */ 00415 /* the following function can be called by the AEF to get all aci set */ 00416 /* correctly. For write accesses that are performed fully within the kernel, */ 00417 /* this is usually not done to prevent extra calls, including R_CLOSE for */ 00418 /* cleaning up. */ 00419 /* The second instance of target specification is the new target, if one has */ 00420 /* been created, otherwise its values are ignored. */ 00421 /* On success, 0 is returned, and an error from rsbac/error.h otherwise. */ 00422 00423 int rsbac_adf_set_attr_auth( 00424 enum rsbac_adf_request_t request, 00425 rsbac_pid_t caller_pid, 00426 enum rsbac_target_t target, 00427 union rsbac_target_id_t tid, 00428 enum rsbac_target_t new_target, 00429 union rsbac_target_id_t new_tid, 00430 enum rsbac_attribute_t attr, 00431 union rsbac_attribute_value_t attr_val, 00432 rsbac_uid_t owner) 00433 { 00434 int error; 00435 union rsbac_target_id_t i_tid; 00436 union rsbac_attribute_value_t i_attr_val1; 00437 union rsbac_attribute_value_t i_attr_val2; 00438 #if defined(CONFIG_RSBAC_AUTH_LEARN) 00439 union rsbac_attribute_value_t i_attr_val3; 00440 union rsbac_attribute_value_t i_attr_val4; 00441 union rsbac_attribute_value_t i_attr_val5; 00442 #endif 00443 00444 switch (request) 00445 { 00446 case R_CLONE: 00447 if (target == T_PROCESS) 00448 { 00449 /* Get auth_may_setuid from first process */ 00450 if (rsbac_get_attr(AUTH, 00451 T_PROCESS, 00452 tid, 00453 A_auth_may_setuid, 00454 &i_attr_val1, 00455 FALSE)) 00456 { 00457 rsbac_ds_get_error("rsbac_adf_set_attr_auth()", A_auth_may_setuid); 00458 return(-RSBAC_EREADFAILED); 00459 } 00460 /* Get auth_may_set_cap from first process */ 00461 if (rsbac_get_attr(AUTH, 00462 T_PROCESS, 00463 tid, 00464 A_auth_may_set_cap, 00465 &i_attr_val2, 00466 FALSE)) 00467 { 00468 rsbac_ds_get_error("rsbac_adf_set_attr_auth()", A_auth_may_set_cap); 00469 return(-RSBAC_EREADFAILED); 00470 } 00471 #if defined(CONFIG_RSBAC_AUTH_LEARN) 00472 if (rsbac_get_attr(AUTH, 00473 T_PROCESS, 00474 tid, 00475 A_auth_program_file, 00476 &i_attr_val3, 00477 FALSE)) 00478 { 00479 rsbac_ds_get_error("rsbac_adf_set_attr_auth()", A_auth_program_file); 00480 return(-RSBAC_EREADFAILED); 00481 } 00482 if (rsbac_get_attr(AUTH, 00483 T_PROCESS, 00484 tid, 00485 A_auth_start_uid, 00486 &i_attr_val4, 00487 FALSE)) 00488 { 00489 rsbac_ds_get_error("rsbac_adf_set_attr_auth()", A_auth_start_uid); 00490 return(-RSBAC_EREADFAILED); 00491 } 00492 if (rsbac_get_attr(AUTH, 00493 T_PROCESS, 00494 tid, 00495 A_auth_learn, 00496 &i_attr_val5, 00497 FALSE)) 00498 { 00499 rsbac_ds_get_error("rsbac_adf_set_attr_auth()", A_auth_learn); 00500 return(-RSBAC_EREADFAILED); 00501 } 00502 #endif 00503 /* Set auth_may_setuid for new process */ 00504 if (rsbac_set_attr(AUTH, 00505 T_PROCESS, 00506 new_tid, 00507 A_auth_may_setuid, 00508 i_attr_val1)) 00509 { 00510 rsbac_ds_set_error("rsbac_adf_set_attr_auth()", A_auth_may_setuid); 00511 return(-RSBAC_EWRITEFAILED); 00512 } 00513 /* Set auth_may_set_cap for new process */ 00514 if (rsbac_set_attr(AUTH, 00515 T_PROCESS, 00516 new_tid, 00517 A_auth_may_set_cap, 00518 i_attr_val2)) 00519 { 00520 rsbac_ds_set_error("rsbac_adf_set_attr_auth()", A_auth_may_set_cap); 00521 return(-RSBAC_EWRITEFAILED); 00522 } 00523 #if defined(CONFIG_RSBAC_AUTH_LEARN) 00524 if (rsbac_set_attr(AUTH, 00525 T_PROCESS, 00526 new_tid, 00527 A_auth_program_file, 00528 i_attr_val3)) 00529 { 00530 rsbac_ds_set_error("rsbac_adf_set_attr_auth()", A_auth_program_file); 00531 return(-RSBAC_EWRITEFAILED); 00532 } 00533 if (rsbac_set_attr(AUTH, 00534 T_PROCESS, 00535 new_tid, 00536 A_auth_start_uid, 00537 i_attr_val4)) 00538 { 00539 rsbac_ds_set_error("rsbac_adf_set_attr_auth()", A_auth_start_uid); 00540 return(-RSBAC_EWRITEFAILED); 00541 } 00542 if (rsbac_set_attr(AUTH, 00543 T_PROCESS, 00544 new_tid, 00545 A_auth_learn, 00546 i_attr_val5)) 00547 { 00548 rsbac_ds_set_error("rsbac_adf_set_attr_auth()", A_auth_learn); 00549 return(-RSBAC_EWRITEFAILED); 00550 } 00551 #endif 00552 /* copy capability list */ 00553 if(rsbac_auth_copy_pp_capset(tid.process,new_tid.process)) 00554 { 00555 #ifdef CONFIG_RSBAC_RMSG 00556 rsbac_printk(KERN_WARNING 00557 "rsbac_adf_set_attr_auth(): rsbac_auth_copy_pp_capset() returned error!\n"); 00558 #endif 00559 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 00560 if (!rsbac_nosyslog) 00561 #endif 00562 printk(KERN_WARNING 00563 "rsbac_adf_set_attr_auth(): rsbac_auth_copy_pp_capset() returned error!\n"); 00564 return(-RSBAC_EWRITEFAILED); 00565 } 00566 return(0); 00567 } 00568 else 00569 return(0); 00570 00571 case R_EXECUTE: 00572 switch(target) 00573 { 00574 case T_FILE: 00575 /* reset auth_may_setuid and auth_may_set_cap for process */ 00576 i_tid.process = caller_pid; 00577 /* First, set auth_may_setuid to program file's auth_may_setuid */ 00578 if (rsbac_get_attr(AUTH, 00579 T_FILE, 00580 tid, 00581 A_auth_may_setuid, 00582 &i_attr_val1, 00583 TRUE)) 00584 { 00585 rsbac_ds_get_error("rsbac_adf_set_attr_auth()", A_auth_may_setuid); 00586 return(-RSBAC_EREADFAILED); 00587 } 00588 if (rsbac_set_attr(AUTH, 00589 T_PROCESS, 00590 i_tid, 00591 A_auth_may_setuid, 00592 i_attr_val1)) 00593 { 00594 rsbac_ds_set_error("rsbac_adf_set_attr_auth()", A_auth_may_setuid); 00595 return(-RSBAC_EWRITEFAILED); 00596 } 00597 /* Next, set auth_may_set_cap to program file's auth_may_set_cap */ 00598 if (rsbac_get_attr(AUTH, 00599 T_FILE, 00600 tid, 00601 A_auth_may_set_cap, 00602 &i_attr_val1, 00603 FALSE)) 00604 { 00605 rsbac_ds_get_error("rsbac_adf_set_attr_auth()", A_auth_may_set_cap); 00606 return(-RSBAC_EREADFAILED); 00607 } 00608 if (rsbac_set_attr(AUTH, 00609 T_PROCESS, 00610 i_tid, 00611 A_auth_may_set_cap, 00612 i_attr_val1)) 00613 { 00614 rsbac_ds_set_error("rsbac_adf_set_attr_auth()", A_auth_may_set_cap); 00615 return(-RSBAC_EWRITEFAILED); 00616 } 00617 00618 /* copy file capability list from file to process */ 00619 if (rsbac_auth_copy_fp_capset(tid.file, caller_pid)) 00620 { 00621 #ifdef CONFIG_RSBAC_RMSG 00622 rsbac_printk(KERN_WARNING 00623 "rsbac_adf_set_attr_auth(): rsbac_auth_copy_fp_capset() returned error!\n"); 00624 #endif 00625 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 00626 if (!rsbac_nosyslog) 00627 #endif 00628 printk(KERN_WARNING 00629 "rsbac_adf_set_attr_auth(): rsbac_auth_copy_fp_capset() returned error!\n"); 00630 return(-RSBAC_EWRITEFAILED); 00631 } 00632 /* replace RSBAC_AUTH_OWNER_F_CAP by current owner */ 00633 error = rsbac_replace_auth_cap(caller_pid, 00634 ACT_real, 00635 RSBAC_AUTH_OWNER_F_CAP, 00636 owner); 00637 if(error) 00638 return error; 00639 #ifdef CONFIG_RSBAC_AUTH_DAC_OWNER 00640 error = rsbac_replace_auth_cap(caller_pid, 00641 ACT_eff, 00642 RSBAC_AUTH_OWNER_F_CAP, 00643 owner); 00644 if(error) 00645 return error; 00646 error = rsbac_replace_auth_cap(caller_pid, 00647 ACT_eff, 00648 RSBAC_AUTH_DAC_OWNER_F_CAP, 00649 current->euid); 00650 if(error) 00651 return error; 00652 error = rsbac_replace_auth_cap(caller_pid, 00653 ACT_fs, 00654 RSBAC_AUTH_OWNER_F_CAP, 00655 owner); 00656 if(error) 00657 return error; 00658 error = rsbac_replace_auth_cap(caller_pid, 00659 ACT_fs, 00660 RSBAC_AUTH_DAC_OWNER_F_CAP, 00661 current->fsuid); 00662 if(error) 00663 return error; 00664 #endif 00665 #if defined(CONFIG_RSBAC_AUTH_LEARN) 00666 /* Set auth_learn to program file's auth_learn */ 00667 if (rsbac_get_attr(AUTH, 00668 T_FILE, 00669 tid, 00670 A_auth_learn, 00671 &i_attr_val1, 00672 TRUE)) 00673 { 00674 rsbac_ds_get_error("rsbac_adf_set_attr_auth()", A_auth_learn); 00675 return(-RSBAC_EREADFAILED); 00676 } 00677 if (rsbac_set_attr(AUTH, 00678 T_PROCESS, 00679 i_tid, 00680 A_auth_learn, 00681 i_attr_val1)) 00682 { 00683 rsbac_ds_set_error("rsbac_adf_set_attr_auth()", A_auth_learn); 00684 return(-RSBAC_EWRITEFAILED); 00685 } 00686 /* remember executed file */ 00687 i_attr_val1.auth_program_file = tid.file; 00688 if (rsbac_set_attr(AUTH, 00689 T_PROCESS, 00690 i_tid, 00691 A_auth_program_file, 00692 i_attr_val1)) 00693 { 00694 rsbac_ds_set_error("rsbac_adf_set_attr_auth()", A_auth_program_file); 00695 return(-RSBAC_EWRITEFAILED); 00696 } 00697 /* remember caller */ 00698 i_attr_val1.auth_start_uid = owner; 00699 if (rsbac_set_attr(AUTH, 00700 T_PROCESS, 00701 i_tid, 00702 A_auth_start_uid, 00703 i_attr_val1)) 00704 { 00705 rsbac_ds_set_error("rsbac_adf_set_attr_auth()", A_auth_start_uid); 00706 return(-RSBAC_EWRITEFAILED); 00707 } 00708 #endif 00709 return(0); 00710 00711 /* all other cases are unknown */ 00712 default: 00713 return(0); 00714 } 00715 00716 /* Only protect itself, if asked to by configuration */ 00717 #ifdef CONFIG_RSBAC_AUTH_AUTH_PROT 00718 /* remove all file capabilities on all changing requests to files */ 00719 case R_APPEND_OPEN: 00720 case R_CHANGE_GROUP: 00721 case R_DELETE: 00722 case R_LINK_HARD: 00723 case R_MODIFY_ACCESS_DATA: 00724 case R_READ_WRITE_OPEN: 00725 case R_RENAME: 00726 case R_TRUNCATE: 00727 case R_WRITE_OPEN: 00728 switch(target) 00729 { 00730 case T_FILE: 00731 /* remove cap set */ 00732 if(rsbac_auth_remove_f_capsets(tid.file)) 00733 { 00734 #ifdef CONFIG_RSBAC_RMSG 00735 rsbac_printk(KERN_WARNING 00736 "rsbac_adf_set_attr_auth(): rsbac_auth_remove_f_capsets() returned error!\n"); 00737 #endif 00738 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 00739 if (!rsbac_nosyslog) 00740 #endif 00741 printk(KERN_WARNING 00742 "rsbac_adf_set_attr_auth(): rsbac_auth_remove_f_capsets() returned error!\n"); 00743 return(-RSBAC_EWRITEFAILED); 00744 } 00745 return(0); 00746 00747 /* all other cases are not handled */ 00748 default: return(0); 00749 } 00750 #endif 00751 00752 /*********************/ 00753 default: return(0); 00754 } 00755 00756 return(0); 00757 }; /* end of rsbac_adf_set_attr_auth() */ 00758 00759 /* end of rsbac/adf/auth/main.c */

Generated on Tue Aug 31 10:05:23 2004 for RSBAC by doxygen 1.3.8