オープンソース・ソフトウェアの開発とダウンロード

TOMOYO

Subversion リポジトリの参照

/[tomoyo]/branches/ccs-patch/security/ccsecurity/policy_io.c

Diff of /branches/ccs-patch/security/ccsecurity/policy_io.c

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 3698 by kumaneko, Tue May 25 12:22:08 2010 UTC revision 3701 by kumaneko, Fri May 28 12:44:01 2010 UTC
# Line 2113  static bool ccs_get_argv0(struct ccs_exe Line 2113  static bool ccs_get_argv0(struct ccs_exe
2113   *   *
2114   * Returns pointer to "struct ccs_condition" on success, NULL otherwise.   * Returns pointer to "struct ccs_condition" on success, NULL otherwise.
2115   */   */
2116  static struct ccs_condition *ccs_get_execute_condition(struct ccs_execve  static struct ccs_condition *ccs_get_execute_condition(struct ccs_execve *ee)
                                                        *ee)  
2117  {  {
2118          struct ccs_condition *cond;          struct ccs_condition *cond;
2119          char *buf;          char *buf;
# Line 2174  static struct ccs_condition *ccs_get_exe Line 2173  static struct ccs_condition *ccs_get_exe
2173   *   *
2174   * Returns pointer to "struct ccs_condition" on success, NULL otherwise.   * Returns pointer to "struct ccs_condition" on success, NULL otherwise.
2175   */   */
2176  static struct ccs_condition *ccs_get_symlink_condition(struct ccs_request_info  static struct ccs_condition *ccs_get_symlink_condition
2177                                                         *r)  (const struct ccs_request_info *r)
2178  {  {
2179          struct ccs_condition *cond;          struct ccs_condition *cond;
2180          char *buf;          char *buf;
# Line 2230  static atomic_t ccs_query_observers = AT Line 2229  static atomic_t ccs_query_observers = AT
2229  /**  /**
2230   * ccs_supervisor - Ask for the supervisor's decision.   * ccs_supervisor - Ask for the supervisor's decision.
2231   *   *
2232   * @r:       Pointer to "struct ccs_request_info".   * @r:   Pointer to "struct ccs_request_info".
2233   * @fmt:     The printf()'s format string, followed by parameters.   * @fmt: The printf()'s format string, followed by parameters.
2234   *   *
2235   * Returns 0 if the supervisor decided to permit the access request which   * Returns 0 if the supervisor decided to permit the access request which
2236   * violated the policy in enforcing mode, CCS_RETRY_REQUEST if the supervisor   * violated the policy in enforcing mode, CCS_RETRY_REQUEST if the supervisor
# Line 2265  int ccs_supervisor(struct ccs_request_in Line 2264  int ccs_supervisor(struct ccs_request_in
2264                  vsnprintf(buffer, len - 1, fmt, args);                  vsnprintf(buffer, len - 1, fmt, args);
2265                  va_end(args);                  va_end(args);
2266                  ccs_normalize_line(buffer);                  ccs_normalize_line(buffer);
2267                  if (r->ee && !strncmp(buffer, "allow_execute ", 14))                  if (r->param_type == CCS_TYPE_PATH_ACL &&
2268                        r->param.path.operation == CCS_TYPE_EXECUTE)
2269                          cond = ccs_get_execute_condition(r->ee);                          cond = ccs_get_execute_condition(r->ee);
2270                  else if (r->obj && r->obj->symlink_target)                  else if (r->param_type == CCS_TYPE_PATH_ACL &&
2271                             r->param.path.operation == CCS_TYPE_SYMLINK)
2272                          cond = ccs_get_symlink_condition(r);                          cond = ccs_get_symlink_condition(r);
2273                  else if ((current->ccs_flags & CCS_TASK_IS_EXECUTE_HANDLER)) {                  else if ((current->ccs_flags & CCS_TASK_IS_EXECUTE_HANDLER)) {
2274                          char str[] = "if task.type=execute_handler";                          char str[] = "if task.type=execute_handler";
Legend:
Removed from v.3698  
changed lines
  Added in v.3701
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
サイト情報
ソフトウェアを探す
ソフトウェアを作る
コミュニティ
ヘルプ