Open-Source-Software-Entwicklung und Downloads

TOMOYO

Browse Subversion Repository

/[tomoyo]/trunk/1.6.x/ccs-patch/fs/tomoyo_exec.c

Diff of /trunk/1.6.x/ccs-patch/fs/tomoyo_exec.c

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 502 by kumaneko, Tue Sep 25 13:33:45 2007 UTC revision 512 by kumaneko, Thu Sep 27 08:52:16 2007 UTC
# Line 23  extern struct semaphore domain_acl_lock; Line 23  extern struct semaphore domain_acl_lock;
23    
24  /*************************  AUDIT FUNCTIONS  *************************/  /*************************  AUDIT FUNCTIONS  *************************/
25    
26  static int AuditArgv0Log(const struct path_info *filename, const char *argv0, const int is_granted)  static int AuditArgv0Log(const struct path_info *filename, const char *argv0, const u8 is_granted)
27  {  {
28          char *buf;          char *buf;
29          int len;          int len;
# Line 61  static int AddArgv0Entry(const char *fil Line 61  static int AddArgv0Entry(const char *fil
61                                  continue;                                  continue;
62                          }                          }
63                  first_entry: ;                  first_entry: ;
                         if (is_add == 1 && TooManyDomainACL(domain)) break;  
64                          /* Not found. Append it to the tail. */                          /* Not found. Append it to the tail. */
65                          if ((new_ptr = alloc_element(sizeof(*new_ptr))) == NULL) break;                          if ((new_ptr = alloc_element(sizeof(*new_ptr))) == NULL) break;
66                          new_ptr->head.type = TYPE_ARGV0_ACL;                          new_ptr->head.type = TYPE_ARGV0_ACL;
# Line 113  int CheckArgv0Perm(const struct path_inf Line 112  int CheckArgv0Perm(const struct path_inf
112          AuditArgv0Log(filename, argv0, !error);          AuditArgv0Log(filename, argv0, !error);
113          if (error) {          if (error) {
114                  struct domain_info * const domain = current->domain_info;                  struct domain_info * const domain = current->domain_info;
115                  const int is_enforce = CheckCCSEnforce(CCS_TOMOYO_MAC_FOR_ARGV0);                  const u8 is_enforce = CheckCCSEnforce(CCS_TOMOYO_MAC_FOR_ARGV0);
116                  if (TomoyoVerboseMode()) {                  if (TomoyoVerboseMode()) {
117                          printk("TOMOYO-%s: Run %s as %s denied for %s\n", GetMSG(is_enforce), filename->name, argv0, GetLastName(domain));                          printk("TOMOYO-%s: Run %s as %s denied for %s\n", GetMSG(is_enforce), filename->name, argv0, GetLastName(domain));
118                  }                  }
119                  if (is_enforce) error = CheckSupervisor("%s\n" KEYWORD_ALLOW_ARGV0 "%s %s\n", domain->domainname->name, filename->name, argv0);                  if (is_enforce) error = CheckSupervisor("%s\n" KEYWORD_ALLOW_ARGV0 "%s %s\n", domain->domainname->name, filename->name, argv0);
120                  else if (CheckCCSAccept(CCS_TOMOYO_MAC_FOR_ARGV0)) AddArgv0Entry(filename->name, argv0, domain, 1, NULL);                  else if (CheckCCSAccept(CCS_TOMOYO_MAC_FOR_ARGV0, domain)) AddArgv0Entry(filename->name, argv0, domain, 1, NULL);
121                  if (!is_enforce) error = 0;                  if (!is_enforce) error = 0;
122          }          }
123          return error;          return error;
124  }  }
125  EXPORT_SYMBOL(CheckArgv0Perm);  EXPORT_SYMBOL(CheckArgv0Perm);
126    
127  int AddArgv0Policy(char *data, struct domain_info *domain, const int is_delete)  int AddArgv0Policy(char *data, struct domain_info *domain, const u8 is_delete)
128  {  {
129          char *argv0 = strchr(data, ' ');          char *argv0 = strchr(data, ' ');
130          char *cp;          char *cp;
Legend:
Removed from v.502  
changed lines
  Added in v.512
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
Über OSDN
Software suchen
Entwickeln Software
Hilfeseiten