tech-security archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Change to secmodel_bsd44_suser.c
Hi,
Please review the attached diff. I removed explicit KAUTH_RESULT_DENY
assignments in secmodel_bsd44_suser.c, so there's a single, default
deny in each listener, and "allow" is done explicitly.
Given this is a change in critical code, I'd appreciate careful review.
Of course, any other input is welcome. :)
Thanks,
-e.
Index: secmodel_bsd44_suser.c
===================================================================
RCS file: /usr/cvs/src/sys/secmodel/bsd44/secmodel_bsd44_suser.c,v
retrieving revision 1.50
diff -u -p -r1.50 secmodel_bsd44_suser.c
--- secmodel_bsd44_suser.c 2 Feb 2008 21:04:41 -0000 1.50
+++ secmodel_bsd44_suser.c 5 Feb 2008 20:02:38 -0000
@@ -467,7 +467,7 @@ secmodel_bsd44_suser_process_cb(kauth_cr
kauth_cred_getuid(p->p_cred) ||
kauth_cred_getuid(cred) !=
kauth_cred_getsvuid(p->p_cred)))
- result = KAUTH_RESULT_DENY;
+ break;
else
result = KAUTH_RESULT_ALLOW;
@@ -494,7 +494,6 @@ secmodel_bsd44_suser_process_cb(kauth_cr
if ((p->p_traceflag & KTRFAC_PERSISTENT) ||
(p->p_flag & PK_SUGID)) {
- result = KAUTH_RESULT_DENY;
break;
}
@@ -506,7 +505,6 @@ secmodel_bsd44_suser_process_cb(kauth_cr
break;
}
- result = KAUTH_RESULT_DENY;
break;
}
@@ -520,7 +518,6 @@ secmodel_bsd44_suser_process_cb(kauth_cr
}
if (req == KAUTH_REQ_PROCESS_PROCFS_CTL) {
- result = KAUTH_RESULT_DENY;
break;
}
@@ -531,7 +528,6 @@ secmodel_bsd44_suser_process_cb(kauth_cr
if (kauth_cred_getuid(cred) !=
kauth_cred_getuid(p->p_cred) ||
ISSET(p->p_flag, PK_SUGID)) {
- result = KAUTH_RESULT_DENY;
break;
}
/*FALLTHROUGH*/
@@ -575,7 +571,6 @@ secmodel_bsd44_suser_process_cb(kauth_cr
if (kauth_cred_getuid(cred) !=
kauth_cred_getuid(p->p_cred) ||
ISSET(p->p_flag, PK_SUGID)) {
- result = KAUTH_RESULT_DENY;
break;
}
@@ -603,15 +598,8 @@ secmodel_bsd44_suser_process_cb(kauth_cr
}
case KAUTH_PROCESS_CORENAME:
- result = KAUTH_RESULT_ALLOW;
-
- if (isroot)
- break;
-
- if (proc_uidmatch(cred, p->p_cred) != 0) {
- result = KAUTH_RESULT_DENY;
- break;
- }
+ if (isroot || proc_uidmatch(cred, p->p_cred) == 0)
+ result = KAUTH_RESULT_ALLOW;
break;
@@ -624,7 +612,7 @@ secmodel_bsd44_suser_process_cb(kauth_cr
* processes, maxproc is the limit.
*/
if (__predict_false((lnprocs >= maxproc - 5) && !isroot))
- result = KAUTH_RESULT_DENY;
+ break;
else
result = KAUTH_RESULT_ALLOW;
@@ -636,7 +624,7 @@ secmodel_bsd44_suser_process_cb(kauth_cr
kauth_cred_getuid(cred) ||
ISSET(p->p_flag, PK_SUGID)) &&
!isroot)
- result = KAUTH_RESULT_DENY;
+ break;
else
result = KAUTH_RESULT_ALLOW;
@@ -652,7 +640,6 @@ secmodel_bsd44_suser_process_cb(kauth_cr
kauth_cred_geteuid(p->p_cred) &&
kauth_cred_getuid(cred) !=
kauth_cred_geteuid(p->p_cred)) {
- result = KAUTH_RESULT_DENY;
break;
}
@@ -678,7 +665,6 @@ secmodel_bsd44_suser_process_cb(kauth_cr
if ((p != curlwp->l_proc) &&
(proc_uidmatch(cred, p->p_cred) != 0)) {
- result = KAUTH_RESULT_DENY;
break;
}
@@ -750,13 +736,8 @@ secmodel_bsd44_suser_process_cb(kauth_cr
break;
case KAUTH_PROCESS_STOPFLAG:
- result = KAUTH_RESULT_ALLOW;
-
- if (isroot)
- break;
-
- if (proc_uidmatch(cred, p->p_cred) != 0) {
- result = KAUTH_RESULT_DENY;
+ if (isroot || proc_uidmatch(cred, p->p_cred) == 0) {
+ result = KAUTH_RESULT_ALLOW;
break;
}
break;
Home |
Main Index |
Thread Index |
Old Index