[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Getting the control port from a translator
|
From: |
Neal H Walfield |
|
Subject: |
Re: Getting the control port from a translator |
|
Date: |
Thu, 21 Jun 2001 12:58:23 -0500 |
|
User-agent: |
Mutt/1.3.18i |
> > I am inclined to have two different interfaces for the "isowner" and
> > "isroot" kinds of checks, even if one can be implemented in terms of the
> > other strictly speaking. That is less confusing in understanding how to
> > use the interface, and makes it easier to change the plan later
> > (e.g. rewriting what isroot checks without changing isowner).
>
> Agreed.
Here we go.
I wrote getcontrol.c to see if a particular user can obtain the control
port for a given file system:
#define _GNU_SOURCE
#include <error.h>
#include <hurd.h>
#include <stdio.h>
#include <hurd/fs.h>
int main (int argc, char *argv[])
{
error_t err;
mach_port_t server, control;
if (argc != 2)
{
printf ("Usage: %s server\n", argv[0]);
return 1;
}
server = file_name_lookup (argv[1], 0, 0);
if (server == MACH_PORT_NULL)
error (1, 0, "looking up %s", argv[1]);
err = file_getcontrol (server, &control);
if (err)
error (1, err, "file_getcontrol");
printf ("Got the control port.\n");
return 0;
}
Here is a test run using two users, neal and foo. A translator is
started as the user neal. Neal should be able to get the control port
no matter what as the effective uid of the translator is neal. Foo
should only be able to get the control port if he owns the root node.
address@hidden:~ (0)$ dd if=/dev/zero of=tmp bs=1024 count=1024
1024+0 records in
1024+0 records out
address@hidden:~ (0)$ /sbin/mke2fs -F tmp
mke2fs 1.20, 25-May-2001 for EXT2 FS 0.5b, 95/08/09
tmp is mounted; mke2fs forced anyway. Hope /etc/mtab is incorrect.
Filesystem label=
OS type: GNU/Hurd
Block size=1024 (log=0)
Fragment size=1024 (log=0)
128 inodes, 1024 blocks
51 blocks (4.98%) reserved for the super user
First data block=1
1 block group
8192 blocks per group, 8192 fragments per group
128 inodes per group
Writing inode tables: 0/1���done
Writing superblocks and filesystem accounting information: done
This filesystem will be automatically checked every 24 mounts or
180 days, whichever comes first. Use tune2fs -c or -i to override.
address@hidden:~ (0)$ settrans -acP foo /hurd/ext2fs tmp
Translator pid: 8556
Pausing...
address@hidden:~ (0)$ ids 8556
effective uids: 1000(neal)
effective gids: 1000(neal)
available uids: 1000(neal) 1000(neal)
available gids: 1000(neal) 1000(neal)
address@hidden:~ (0)$ ls -ld foo
drwxr-xr-x 3 neal neal 1024 Jun 21 01:03 foo
address@hidden:~ (0)$ su foo
Password:
address@hidden:/home/neal$ ./getcontrol foo
./getcontrol: file_getcontrol: Operation not permitted
address@hidden:/home/neal$ exit
address@hidden:~ (0)$ sudo chown foo.foo foo
address@hidden:~ (0)$ ls -ld foo
drwxr-xr-x 3 foo foo 1024 Jun 21 01:03 foo
address@hidden:~ (0)$ su foo
Password:
address@hidden:/home/neal$ ./getcontrol foo
Got the control port.
address@hidden:/home/neal$ exit
address@hidden:~ (0)$ ./getcontrol foo
Got the control port.
address@hidden:~ (0)$ exit
libfshelp/ChangeLog:
2001-06-21 Neal H Walfield <address@hidden>
* Makefile (SRCS): New file, perms-iscontroller.c.
* fshelp.h: Add the prototype for the new function
fshelp_iscontroller.
* perms-iscontroller.c: Implement the new function
fshelp_iscontroller.
libdiskfs/ChangeLog:
2001-06-21 Neal H Walfield <address@hidden>
* file-getcontrol.c (diskfs_S_file_getcontrol): When checking
if we can give the control port out, use fshelp_iscontroller
rather than doing the check by hand.
libnetfs/ChangeLog:
2001-06-21 Neal H Walfield <address@hidden>
* file-getcontrol.c (netfs_S_file_getcontrol): When checking if
we can give the control port out, use fshelp_iscontroller rather
than doing the check by hand.
Index: libdiskfs/file-getcontrol.c
===================================================================
RCS file: /home/neal/cvs/hurd/libdiskfs/file-getcontrol.c,v
retrieving revision 1.1.1.1
diff -u -r1.1.1.1 file-getcontrol.c
--- libdiskfs/file-getcontrol.c 2001/06/03 20:53:19 1.1.1.1
+++ libdiskfs/file-getcontrol.c 2001/06/21 16:59:51
@@ -1,5 +1,5 @@
/* libdiskfs implementation of fs.defs:file_getcontrol.c
- Copyright (C) 1992, 1993, 1994, 1995, 1996 Free Software Foundation
+ Copyright (C) 1992,93,94,95,96,2001 Free Software Foundation
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License as
@@ -17,6 +17,7 @@
#include "priv.h"
#include "fs_S.h"
+#include <hurd/fshelp.h>
/* Implement file_getcontrol as described in <hurd/fs.defs>. */
kern_return_t
@@ -24,28 +25,27 @@
mach_port_t *control,
mach_msg_type_name_t *controltype)
{
- int error = 0;
+ int error;
struct port_info *newpi;
if (!cred)
return EOPNOTSUPP;
- if (!idvec_contains (cred->user->uids, 0))
- error = EPERM;
- else
- {
- error = ports_create_port (diskfs_control_class, diskfs_port_bucket,
- sizeof (struct port_info), &newpi);
- if (! error)
- {
- spin_lock (&_diskfs_control_lock);
- _diskfs_ncontrol_ports++;
- spin_unlock (&_diskfs_control_lock);
- *control = ports_get_right (newpi);
- *controltype = MACH_MSG_TYPE_MAKE_SEND;
- ports_port_deref (newpi);
- }
- }
+ error = fshelp_iscontroller (&diskfs_root_node->dn_stat, cred->user);
+ if (error)
+ return error;
+
+ error = ports_create_port (diskfs_control_class, diskfs_port_bucket,
+ sizeof (struct port_info), &newpi);
+ if (error)
+ return error;
+
+ spin_lock (&_diskfs_control_lock);
+ _diskfs_ncontrol_ports++;
+ spin_unlock (&_diskfs_control_lock);
+ *control = ports_get_right (newpi);
+ *controltype = MACH_MSG_TYPE_MAKE_SEND;
+ ports_port_deref (newpi);
- return error;
+ return 0;
}
Index: libfshelp/Makefile
===================================================================
RCS file: /home/neal/cvs/hurd/libfshelp/Makefile,v
retrieving revision 1.1.1.1
diff -u -r1.1.1.1 Makefile
--- libfshelp/Makefile 2001/06/03 20:53:19 1.1.1.1
+++ libfshelp/Makefile 2001/06/21 16:59:51
@@ -27,7 +27,8 @@
exec-reauth.c \
set-options.c \
get-identity.c \
- perms-isowner.c perms-access.c perms-checkdirmod.c \
+ perms-isowner.c perms-iscontroller.c perms-access.c \
+ perms-checkdirmod.c \
touch.c
LCLHDRS = fshelp.h locks.h trans.h
installhdrs = fshelp.h
Index: libfshelp/fshelp.h
===================================================================
RCS file: /home/neal/cvs/hurd/libfshelp/fshelp.h,v
retrieving revision 1.1.1.1
diff -u -r1.1.1.1 fshelp.h
--- libfshelp/fshelp.h 2001/06/03 20:53:19 1.1.1.1
+++ libfshelp/fshelp.h 2001/06/21 16:59:51
@@ -1,5 +1,5 @@
/* FS helper library definitions
- Copyright (C) 1994,95,96,97,98,99,2000 Free Software Foundation, Inc.
+ Copyright (C) 1994,95,96,97,98,99,2000,01 Free Software Foundation, Inc.
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License as
@@ -237,6 +237,13 @@
file identified by ST. If so, return zero; otherwise return an
appropriate error code. */
error_t fshelp_isowner (struct stat *st, struct iouser *user);
+
+/* Check to see whether USER should be considered a controller of the
+ filesystem. Which is to say, check to see if we should give USER the
+ control port. ST is the stat of the root node. USER is the user
+ asking for a send right to the control port. */
+error_t
+fshelp_iscontroller (struct stat *st, struct iouser *user);
/* Check to see whether the user USER can operate on a file identified
by ST. OP is one of S_IREAD, S_IWRITE, and S_IEXEC. If the access
Index: libfshelp/perms-iscontroller.c
===================================================================
RCS file: /home/neal/cvs/hurd/libfshelp/perms-iscontroller.c,v
diff -N perms-iscontroller.c
--- /dev/null Sun Jun 3 21:07:00 2001
+++ libfshelp/perms-iscontroller.c Thu Jun 21 12:26:58 2001
@@ -0,0 +1,38 @@
+/*
+ Copyright (C) 2001 Free Software Foundation, Inc.
+ Written by Neal H Walfield <address@hidden>.
+
+ This file is part of the GNU Hurd.
+
+ The GNU Hurd is free software; you can redistribute it and/or
+ modify it under the terms of the GNU General Public License as
+ published by the Free Software Foundation; either version 2, or (at
+ your option) any later version.
+
+ The GNU Hurd is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111, USA. */
+
+#include <unistd.h>
+#include "fshelp.h"
+
+/* Check to see whether USER should be considered a controller of the
+ filesystem. Which is to say, check to see if we should give USER the
+ control port. ST is the stat of the root node. USER is the user
+ asking for a send right to the control port. */
+error_t
+fshelp_iscontroller (struct stat *st, struct iouser *user)
+{
+ /* Permitted if USER has the superuser uid, the owner uid or if the
+ USER has authority over the process's effective id. */
+ if (idvec_contains (user->uids, st->st_uid)
+ || idvec_contains (user->uids, st->st_uid)
+ || idvec_contains (user->uids, geteuid ()))
+ return 0;
+ return EPERM;
+}
Index: libnetfs/file-getcontrol.c
===================================================================
RCS file: /home/neal/cvs/hurd/libnetfs/file-getcontrol.c,v
retrieving revision 1.1.1.1
diff -u -r1.1.1.1 file-getcontrol.c
--- libnetfs/file-getcontrol.c 2001/06/03 20:53:19 1.1.1.1
+++ libnetfs/file-getcontrol.c 2001/06/21 16:59:52
@@ -1,6 +1,6 @@
/* Return the filesystem corresponding to a file
- Copyright (C) 1995, 1996 Free Software Foundation, Inc.
+ Copyright (C) 1995, 1996, 2001 Free Software Foundation, Inc.
Written by Michael I. Bushnell, p/BSG.
This file is part of the GNU Hurd.
@@ -21,6 +21,7 @@
#include "netfs.h"
#include "fsys_S.h"
+#include <hurd/fshelp.h>
error_t
netfs_S_file_getcontrol (struct protid *user,
@@ -33,10 +34,11 @@
if (!user)
return EOPNOTSUPP;
- if (!idvec_contains (user->user->uids, 0))
- return EPERM;
+ err = fshelp_iscontroller (&netfs_root_node->nn_stat, user->user);
+ if (err)
+ return err;
- /* They've got root; give it to them. */
+ /* They've have the appropriate credentials; give it to them. */
err = ports_create_port (netfs_control_class, netfs_port_bucket,
sizeof (struct port_info), &pi);
if (err)
pgpFc78xKrsvi.pgp
Description: PGP signature