authorJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>2013-12-19 14:07:44 +0200
committerJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>2013-12-20 09:48:24 +0200
commit29a7b381f53c1b204c11d034bbf27b94034c17bb (patch)
tree0d25a7869f5278320a39d43834982599e70e569c
parenta1123dab9c5738ab9764f4b8a931aba5a4720946 (diff)
Security plugin: change policy to advisory
Change policy from enforcing to advisory when access is requested from an unknown domain or permitted to an unknown domain. Also truncated lines to 80 characters, fixed grammar in the warning messages, and removed trailing spaces and tabs. In the future, it might make sense to make this behaviour a command-line option. Added a FIXME comment about that. Change-Id: Iab78d79a8a28e019ec8601265a59d259fd46f9d6 Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
-rw-r--r--plugins/msmxattr.c48
1 files changed, 29 insertions, 19 deletions
diff --git a/plugins/msmxattr.c b/plugins/msmxattr.c
index cdc4bd046..b7dc9190b 100644
--- a/plugins/msmxattr.c
+++ b/plugins/msmxattr.c
@@ -825,7 +825,7 @@ int msmSetupDBusPolicies(package_x *package, manifest_x *mfx)
static int msmCheckDomainRequestOrPermit(manifest_x *mfx, const char* domain)
{
- ac_domain_x *defined_ac_domain = NULL;
+ ac_domain_x *defined_ac_domain = NULL;
define_x *define = NULL;
char* name = NULL;
@@ -837,41 +837,51 @@ static int msmCheckDomainRequestOrPermit(manifest_x *mfx, const char* domain)
strncpy(name, domain, strlen(domain));
strtok(name, ":"); // remove label name if present
rpmlog(RPMLOG_DEBUG, "label name %s domain name %s \n", domain, name);
-
+
HASH_FIND(hh, all_ac_domains, name, strlen(name), defined_ac_domain);
- if (!defined_ac_domain) { // request or permit for an undefined domain.
- rpmlog(RPMLOG_ERR, "A domain name %s hasn't been yet defined by any package. Can't verify if it is allowed\n", name);
- msmFreePointer((void**)&name);
- return -1;
- }
+ if (!defined_ac_domain) // request or permit for an undefined domain.
+ // FIXME: maybe this should be changed to a command-line option that
+ // would be used during the image build?
+ rpmlog(RPMLOG_WARNING, "The domain '%s' has not been yet defined by "\
+ "any package\n");
//now check that this ac_domain can be requested
if (mfx->defines) {
LISTHEAD(mfx->defines, define);
while (define) {
- rpmlog(RPMLOG_DEBUG, "define->name %s domain %s\n", define->name, name);
+ rpmlog(RPMLOG_DEBUG, "define->name %s domain %s\n", define->name,
+ name);
if (strcmp(define->name, name) == 0) {
- // AC domain access is requested or permitted from the same package where it was defined.
- // This case is always allowed
+ // AC domain access is requested or permitted from the same
+ // package where it was defined. This case is always allowed.
msmFreePointer((void**)&name);
- return 0;
+ return 0;
}
define = define->next;
}
}
- // no need to check if developer allowed other packages to request/permit this domain
- // because this isn't a request to belong to a domain, but request/permit for domain access
- if (msmIsRequestAllowed(mfx, defined_ac_domain)) {
+ // no need to check if developer allowed other packages to
+ // request/permit this domain because this isn't a request to
+ // belong to a domain, but request/permit for domain access
+ if (!defined_ac_domain)
+ // FIXME: maybe this should be changed to a command-line option that
+ // would be used during the image build?
+ rpmlog(RPMLOG_WARNING, "Request/Permit to access the domain '%s' is "\
+ "unknown\n", name);
+ else if (msmIsRequestAllowed(mfx, defined_ac_domain))
// request or permit is allowed by domain policy
- rpmlog(RPMLOG_DEBUG, "Request/Permit to access a domain name %s is allowed based on package sw source\n", name);
- msmFreePointer((void**)&name);
- return 0;
- } else {
- rpmlog(RPMLOG_ERR, "Request/Permit to access a domain name %s isn't allowed based on package sw source\n", name);
+ rpmlog(RPMLOG_DEBUG, "Request/Permit to access the domain '%s' is "\
+ "allowed based on package SW source\n", name);
+ else {
+ rpmlog(RPMLOG_ERR, "Request/Permit access the domain '%s' is not "\
+ "allowed based on package SW source\n", name);
msmFreePointer((void**)&name);
return -1;
}
+
+ msmFreePointer((void**)&name);
+ return 0;
}
int msmSetupDefines(struct smack_accesses *smack_accesses, manifest_x *mfx)
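Review bot: The new `rpmlog(RPMLOG_WARNING, "The domain '%s' has not been yet defined by " ...)` call under the first `if (!defined_ac_domain)` has a `%s` conversion but passes no argument, which is undefined behaviour in a varargs call and can crash the installer or write unrelated stack contents into the log; the call should end `"any package\n", name);`. With the early `return -1` removed, an unknown domain now falls through to the final `return 0`, so these warnings are the only record that a request/permit was accepted without verification and they need to be reliable. Both warnings fire on the same condition, so the second one (`"... is unknown\n", name`) could carry the whole message and the first be dropped. The function starts above the hunk, so the allocation of `name` and whether the `strncpy(name, domain, strlen(domain))` result is NUL-terminated cannot be checked from here.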