1 /* Copyright 2008 Sun Microsystems, Inc. All rights reserved. |
1 /* Copyright 2009 Sun Microsystems, Inc. All rights reserved. |
2 * |
2 * |
3 * Permission is hereby granted, free of charge, to any person obtaining a |
3 * Permission is hereby granted, free of charge, to any person obtaining a |
4 * copy of this software and associated documentation files (the |
4 * copy of this software and associated documentation files (the |
5 * "Software"), to deal in the Software without restriction, including |
5 * "Software"), to deal in the Software without restriction, including |
6 * without limitation the rights to use, copy, modify, merge, publish, |
6 * without limitation the rights to use, copy, modify, merge, publish, |
77 #define EXTNSIZE 128 |
81 #define EXTNSIZE 128 |
78 |
82 |
79 #define SECURE_RPC_AUTH "SUN-DES-1" |
83 #define SECURE_RPC_AUTH "SUN-DES-1" |
80 #define SECURE_RPC_LEN 9 |
84 #define SECURE_RPC_LEN 9 |
81 |
85 |
82 extern bslabel_t *lookupSL(); |
86 #define CALLBACK(name) void \ |
83 extern void (*ReplySwapVector[]) (); |
87 name(CallbackListPtr *pcbl, pointer nulldata, pointer calldata) |
84 extern TsolInfoPtr GetClientTsolInfo(); |
|
85 extern char *NameForAtom(Atom atom); |
|
86 |
88 |
87 static int ProcTsolDispatch(ClientPtr); |
89 static int ProcTsolDispatch(ClientPtr); |
88 static int ProcSetPolyInstInfo(ClientPtr); |
90 static int ProcSetPolyInstInfo(ClientPtr); |
89 static int ProcSetPropLabel(ClientPtr); |
91 static int ProcSetPropLabel(ClientPtr); |
90 static int ProcSetPropUID(ClientPtr); |
92 static int ProcSetPropUID(ClientPtr); |
110 static int SProcGetResAttributes(ClientPtr); |
112 static int SProcGetResAttributes(ClientPtr); |
111 static int SProcMakeTPWindow(ClientPtr); |
113 static int SProcMakeTPWindow(ClientPtr); |
112 static int SProcMakeTrustedWindow(ClientPtr); |
114 static int SProcMakeTrustedWindow(ClientPtr); |
113 static int SProcMakeUntrustedWindow(ClientPtr); |
115 static int SProcMakeUntrustedWindow(ClientPtr); |
114 |
116 |
115 static void TsolReset(); |
117 static void TsolReset(ExtensionEntry *extension); |
116 static void BreakAllGrabs(ClientPtr client); |
118 static void BreakAllGrabs(ClientPtr client); |
117 |
119 |
118 extern void init_xtsol(); |
120 extern void init_xtsol(void); |
119 extern void init_win_privsets(); |
|
120 extern void free_win_privsets(); |
|
121 extern int DoScreenStripeHeight(int screen_num); |
121 extern int DoScreenStripeHeight(int screen_num); |
122 extern int AddUID(int *userid); |
122 extern int AddUID(int *userid); |
123 |
123 |
124 static unsigned char TsolReqCode = 0; |
124 static unsigned char TsolReqCode = 0; |
125 static int tsolEventBase = -1; |
125 static int tsolEventBase = -1; |
126 extern unsigned int StripeHeight; |
126 extern unsigned int StripeHeight; |
127 int ScreenStripeHeight[MAX_SCREENS - 1] = {0, 0}; |
127 int ScreenStripeHeight[MAX_SCREENS - 1] = {0, 0}; |
128 |
|
129 extern int tsolClientPrivateIndex; |
|
130 extern int tsolWindowPrivateIndex; |
|
131 extern int tsolPixmapPrivateIndex; |
|
132 |
128 |
133 static HotKeyRec hotkey = {FALSE, 0, 0, 0, 0}; |
129 static HotKeyRec hotkey = {FALSE, 0, 0, 0, 0}; |
134 |
130 |
135 int tsolMultiLevel = TRUE; |
131 int tsolMultiLevel = TRUE; |
136 |
132 |
140 extern WindowPtr tpwin; |
136 extern WindowPtr tpwin; |
141 extern bclear_t SessionHI; /* HI Clearance */ |
137 extern bclear_t SessionHI; /* HI Clearance */ |
142 extern bclear_t SessionLO; /* LO Clearance */ |
138 extern bclear_t SessionLO; /* LO Clearance */ |
143 extern TsolPolyInstInfoRec tsolpolyinstinfo; |
139 extern TsolPolyInstInfoRec tsolpolyinstinfo; |
144 |
140 |
145 extern void LoadTsolConfig(); |
141 extern void LoadTsolConfig(void); |
146 extern void MakeTSOLAtoms(); |
142 extern void MakeTSOLAtoms(void); |
147 extern void UpdateTsolNode(); |
143 extern void UpdateTsolNode(void); |
148 /* |
|
149 * Protocol handling vectors |
|
150 */ |
|
151 extern int (*ProcVector[])(); |
|
152 extern int (*SwappedProcVector[])(); |
|
153 |
144 |
154 int (*TsolSavedProcVector[PROCVECTORSIZE])(ClientPtr client); |
145 int (*TsolSavedProcVector[PROCVECTORSIZE])(ClientPtr client); |
155 int (*TsolSavedSwappedProcVector[PROCVECTORSIZE])(ClientPtr client); |
146 int (*TsolSavedSwappedProcVector[PROCVECTORSIZE])(ClientPtr client); |
156 |
147 |
157 extern SecurityHookPtr pSecHook; |
148 extern SecurityHookPtr pSecHook; |
158 SecurityHook tsolSecHook; |
149 SecurityHook tsolSecHook; |
159 |
150 |
160 XID TsolCheckAuthorization (unsigned int name_length, |
151 XID TsolCheckAuthorization (unsigned int name_length, |
161 char *name, unsigned int data_length, |
152 char *name, unsigned int data_length, |
162 char *data, ClientPtr client, char **reason); |
153 char *data, ClientPtr client, char **reason); |
163 void TsolDeleteClientFromAnySelections(ClientPtr); |
154 void TsolDeleteClientFromAnySelections(ClientPtr); |
164 void TsolDeleteWindowFromAnySelections(WindowPtr); |
155 void TsolDeleteWindowFromAnySelections(WindowPtr); |
165 |
156 |
166 extern int TsolChangeWindowProperty(ClientPtr, WindowPtr, Atom, Atom, int, int, |
157 extern int TsolChangeWindowProperty(ClientPtr, WindowPtr, Atom, Atom, int, int, |
167 unsigned long, pointer, Bool); |
158 unsigned long, pointer, Bool); |
168 extern int TsolDeleteProperty(ClientPtr, WindowPtr, Atom); |
159 extern int TsolDeleteProperty(ClientPtr, WindowPtr, Atom); |
169 extern int TsolInitWindow(ClientPtr, WindowPtr); |
160 extern int TsolInitWindow(ClientPtr, WindowPtr); |
170 extern void TsolAuditStart(ClientPtr); |
|
171 extern void TsolAuditEnd(ClientPtr, int); |
|
172 |
|
173 static void TsolClientStateCallback(CallbackListPtr *pcbl, |
|
174 pointer nulldata, pointer calldata); |
|
175 static void TsolSetClientInfo(ClientPtr client); |
161 static void TsolSetClientInfo(ClientPtr client); |
176 static void TsolProcessKeyboard(xEvent *, KeyClassPtr); |
162 |
177 static char TsolCheckPropertyAccess(ClientPtr client, WindowPtr pWin, ATOM propertyName, |
163 /* XACE hook callbacks */ |
178 Mask access_mode); |
164 static CALLBACK(TsolCheckExtensionAccess); |
|
165 static CALLBACK(TsolCheckPropertyAccess); |
|
166 static CALLBACK(TsolCheckResourceIDAccess); |
|
167 static CALLBACK(TsolProcessKeyboard); |
|
168 extern CALLBACK(TsolAuditStart); |
|
169 extern CALLBACK(TsolAuditEnd); |
|
170 |
|
171 /* other callbacks */ |
|
172 static CALLBACK(TsolClientStateCallback); |
179 |
173 |
180 extern int ProcTsolInternAtom(ClientPtr client); |
174 extern int ProcTsolInternAtom(ClientPtr client); |
181 extern int ProcTsolSetSelectionOwner(ClientPtr client); |
175 extern int ProcTsolSetSelectionOwner(ClientPtr client); |
182 extern int ProcTsolGetSelectionOwner(ClientPtr client); |
176 extern int ProcTsolGetSelectionOwner(ClientPtr client); |
183 extern int ProcTsolConvertSelection(ClientPtr client); |
177 extern int ProcTsolConvertSelection(ClientPtr client); |
250 |
242 |
251 init_xtsol(); |
243 init_xtsol(); |
252 init_win_privsets(); |
244 init_win_privsets(); |
253 |
245 |
254 extEntry = AddExtension(TSOLNAME, TSOL_NUM_EVENTS, TSOL_NUM_ERRORS, |
246 extEntry = AddExtension(TSOLNAME, TSOL_NUM_EVENTS, TSOL_NUM_ERRORS, |
255 ProcTsolDispatch, SProcTsolDispatch, TsolReset, |
247 ProcTsolDispatch, SProcTsolDispatch, TsolReset, |
256 StandardMinorOpcode); |
248 StandardMinorOpcode); |
257 |
249 |
258 if (extEntry == NULL) { |
250 if (extEntry == NULL) { |
259 ErrorF("TsolExtensionInit: AddExtension failed for X Trusted Extensions\n"); |
251 ErrorF("TsolExtensionInit: AddExtension failed for X Trusted Extensions\n"); |
260 return; |
252 return; |
261 } |
253 } |
262 |
254 |
263 extEntry->secure = TRUE; |
|
264 TsolReqCode = (unsigned char) extEntry->base; |
255 TsolReqCode = (unsigned char) extEntry->base; |
265 tsolEventBase = extEntry->eventBase; |
256 tsolEventBase = extEntry->eventBase; |
266 |
257 |
267 if (!AddCallback(&ClientStateCallback, TsolClientStateCallback, NULL)) |
258 if (!AddCallback(&ClientStateCallback, TsolClientStateCallback, NULL)) |
268 return; |
259 return; |
269 |
260 |
270 /* Allocate the client private index */ |
261 /* Allocate storage in devPrivates */ |
271 tsolClientPrivateIndex = AllocateClientPrivateIndex(); |
262 if (!dixRequestPrivate(tsolPrivKey, sizeof (TsolPrivRec))) { |
272 if (!AllocateClientPrivate(tsolClientPrivateIndex, |
263 ErrorF("TsolExtensionInit: Cannot allocate devPrivate.\n"); |
273 sizeof (TsolInfoRec))) { |
|
274 ErrorF("TsolExtensionInit: Cannot allocate client private.\n"); |
|
275 return; |
264 return; |
276 } |
|
277 |
|
278 /* Allocate per screen window/pixmap private index */ |
|
279 tsolWindowPrivateIndex = AllocateWindowPrivateIndex(); |
|
280 tsolPixmapPrivateIndex = AllocatePixmapPrivateIndex(); |
|
281 |
|
282 for (i = 0; i < screenInfo.numScreens; i++) { |
|
283 pScreen = screenInfo.screens[i]; |
|
284 if (!AllocateWindowPrivate(pScreen, tsolWindowPrivateIndex, |
|
285 sizeof (TsolResRec))) { |
|
286 ErrorF("TsolExtensionInit: Cannot allocate window private.\n"); |
|
287 return; |
|
288 } |
|
289 |
|
290 if (!AllocatePixmapPrivate(pScreen, tsolPixmapPrivateIndex, |
|
291 sizeof (TsolResRec))) { |
|
292 ErrorF("TsolExtensionInit: Cannot allocate pixmap private.\n"); |
|
293 return; |
|
294 } |
|
295 } |
265 } |
296 |
266 |
297 LoadTsolConfig(); |
267 LoadTsolConfig(); |
298 |
268 |
299 MakeTSOLAtoms(); |
269 MakeTSOLAtoms(); |
300 UpdateTsolNode(); |
270 UpdateTsolNode(); |
|
271 |
|
272 /* Initialize security hooks */ |
|
273 tsolSecHook.CheckAuthorization = TsolCheckAuthorization; |
|
274 tsolSecHook.ChangeWindowProperty = TsolChangeWindowProperty; |
|
275 tsolSecHook.DeleteProperty = TsolDeleteProperty; |
|
276 tsolSecHook.DeleteClientFromAnySelections = TsolDeleteClientFromAnySelections; |
|
277 tsolSecHook.DeleteWindowFromAnySelections = TsolDeleteWindowFromAnySelections; |
|
278 pSecHook = &tsolSecHook; |
|
279 |
|
280 XaceRegisterCallback(XACE_RESOURCE_ACCESS, TsolCheckResourceIDAccess, |
|
281 NULL); |
|
282 XaceRegisterCallback(XACE_PROPERTY_ACCESS, TsolCheckPropertyAccess, |
|
283 NULL); |
|
284 XaceRegisterCallback(XACE_EXT_ACCESS, TsolCheckExtensionAccess, NULL); |
|
285 XaceRegisterCallback(XACE_KEY_AVAIL, TsolProcessKeyboard, NULL); |
|
286 XaceRegisterCallback(XACE_AUDIT_BEGIN, TsolAuditStart, NULL); |
|
287 XaceRegisterCallback(XACE_AUDIT_END, TsolAuditEnd, NULL); |
301 |
288 |
302 /* Save original Proc vectors */ |
289 /* Save original Proc vectors */ |
303 for (i = 0; i < PROCVECTORSIZE; i++) { |
290 for (i = 0; i < PROCVECTORSIZE; i++) { |
304 TsolSavedProcVector[i] = ProcVector[i]; |
291 TsolSavedProcVector[i] = ProcVector[i]; |
305 TsolSavedSwappedProcVector[i] = SwappedProcVector[i]; |
292 TsolSavedSwappedProcVector[i] = SwappedProcVector[i]; |
306 } |
293 } |
307 |
|
308 /* Initialize security hooks */ |
|
309 tsolSecHook.CheckAuthorization = TsolCheckAuthorization; |
|
310 tsolSecHook.ChangeWindowProperty = TsolChangeWindowProperty; |
|
311 tsolSecHook.CheckPropertyAccess = TsolCheckPropertyAccess; |
|
312 tsolSecHook.DeleteProperty = TsolDeleteProperty; |
|
313 tsolSecHook.InitWindow = TsolInitWindow; |
|
314 tsolSecHook.ProcessKeyboard = TsolProcessKeyboard; |
|
315 tsolSecHook.DeleteClientFromAnySelections = TsolDeleteClientFromAnySelections; |
|
316 tsolSecHook.DeleteWindowFromAnySelections = TsolDeleteWindowFromAnySelections; |
|
317 tsolSecHook.AuditStart = TsolAuditStart; |
|
318 tsolSecHook.AuditEnd = TsolAuditEnd; |
|
319 pSecHook = &tsolSecHook; |
|
320 |
294 |
321 /* Replace some of the original Proc vectors with our own TBD */ |
295 /* Replace some of the original Proc vectors with our own TBD */ |
322 ProcVector[X_InternAtom] = ProcTsolInternAtom; |
296 ProcVector[X_InternAtom] = ProcTsolInternAtom; |
323 ProcVector[X_SetSelectionOwner] = ProcTsolSetSelectionOwner; |
297 ProcVector[X_SetSelectionOwner] = ProcTsolSetSelectionOwner; |
324 ProcVector[X_GetSelectionOwner] = ProcTsolGetSelectionOwner; |
298 ProcVector[X_GetSelectionOwner] = ProcTsolGetSelectionOwner; |
365 ProcVector[X_PolySegment] = ProcTsolPolySegment; |
339 ProcVector[X_PolySegment] = ProcTsolPolySegment; |
366 ProcVector[X_PolyRectangle] = ProcTsolPolyRectangle; |
340 ProcVector[X_PolyRectangle] = ProcTsolPolyRectangle; |
367 |
341 |
368 } |
342 } |
369 |
343 |
370 static pointer |
344 static CALLBACK( |
371 TsolCheckResourceIDAccess( |
345 TsolCheckResourceIDAccess) |
372 ClientPtr client, |
346 { |
373 XID id, |
347 XaceResourceAccessRec *rec = calldata; |
374 RESTYPE rtype, |
348 ClientPtr client = rec->client; |
375 Mask access_mode, |
349 XID id = rec->id; |
376 pointer rval) |
350 RESTYPE rtype = rec->rtype; |
377 { |
351 pointer rval = rec->res; |
|
352 Mask access_mode = rec->access_mode; |
|
353 |
378 int cid = CLIENT_ID(id); |
354 int cid = CLIENT_ID(id); |
379 int reqtype = ((xReq *)client->requestBuffer)->reqType; /* protocol */ |
355 int reqtype; |
380 pointer retval; |
356 |
381 char msgbuf[1024]; |
357 if (client->requestBuffer) { |
382 |
358 reqtype = MAJOROP; /* protocol */ |
383 |
359 } else { |
384 retval = rval; |
360 reqtype = -1; |
|
361 } |
385 |
362 |
386 switch (rtype) { |
363 switch (rtype) { |
387 case RT_GC: |
364 case RT_GC: |
388 switch (access_mode) { |
365 if (access_mode & DixReadAccess) { |
389 case SecurityReadAccess: |
366 if (xtsol_policy(TSOL_RES_GC, TSOL_READ, (void *)id, |
390 if (xtsol_policy(TSOL_RES_GC, TSOL_READ, (void *)id, |
367 client, TSOL_ALL, (void *)MAJOROP)) |
391 client, TSOL_ALL, (void *)MAJOROP)) |
368 rec->status = BadAccess; |
392 retval = NULL; |
369 } |
393 break; |
370 |
394 |
371 if (access_mode & DixWriteAccess) { |
395 case SecurityWriteAccess: |
372 if (xtsol_policy(TSOL_RES_GC, TSOL_MODIFY, (void *)id, |
396 if (xtsol_policy(TSOL_RES_GC, TSOL_MODIFY, (void *)id, |
373 client, TSOL_ALL, (void *)MAJOROP)) |
397 client, TSOL_ALL, (void *)MAJOROP)) |
374 rec->status = BadAccess; |
398 retval = NULL; |
375 } |
399 break; |
376 |
400 |
377 if (access_mode & DixDestroyAccess) { |
401 case SecurityDestroyAccess: |
378 if (xtsol_policy(TSOL_RES_GC, TSOL_DESTROY, (void *)id, |
402 if (xtsol_policy(TSOL_RES_GC, TSOL_DESTROY, (void *)id, |
379 client, TSOL_ALL, (void *)MAJOROP)) |
403 client, TSOL_ALL, (void *)MAJOROP)) |
380 rec->status = BadAccess; |
404 retval = NULL; |
381 } |
405 break; |
382 break; |
406 } |
|
407 break; |
|
408 |
383 |
409 case RT_WINDOW: /* Drawables */ |
384 case RT_WINDOW: /* Drawables */ |
|
385 if (access_mode & DixCreateAccess) { |
|
386 /* Replaces InitWindow hook */ |
|
387 TsolInitWindow(client, (WindowPtr) rval); |
|
388 } |
|
389 /* The rest falls through to code shared with RT_PIXMAP */ |
410 case RT_PIXMAP: |
390 case RT_PIXMAP: |
411 /* Drawing operations use pixel access policy */ |
391 /* Drawing operations use pixel access policy */ |
412 switch (reqtype) { |
392 switch (reqtype) { |
413 case X_PolyPoint: |
393 case X_PolyPoint: |
414 case X_PolyLine: |
394 case X_PolyLine: |
419 case X_PutImage: |
399 case X_PutImage: |
420 case X_PolyText8: |
400 case X_PolyText8: |
421 case X_PolyText16: |
401 case X_PolyText16: |
422 case X_ImageText8: |
402 case X_ImageText8: |
423 case X_ImageText16: |
403 case X_ImageText16: |
424 switch (access_mode) { |
404 if (access_mode & DixReadAccess) { |
425 case SecurityReadAccess: |
405 if (xtsol_policy(TSOL_RES_PIXEL, TSOL_READ, |
426 if (xtsol_policy(TSOL_RES_PIXEL, TSOL_READ, (void *)rval, |
406 (void *)rval, client, TSOL_ALL, |
427 client, TSOL_ALL, (void *)MAJOROP)) |
407 (void *)MAJOROP)) |
428 retval = NULL; |
408 rec->status = BadAccess; |
429 break; |
409 } |
430 |
410 |
431 case SecurityWriteAccess: |
411 if (access_mode & DixWriteAccess) { |
432 if (xtsol_policy(TSOL_RES_PIXEL, TSOL_MODIFY, (void *)rval, |
412 if (xtsol_policy(TSOL_RES_PIXEL, TSOL_MODIFY, |
433 client, TSOL_ALL, (void *)MAJOROP)) |
413 (void *)rval, client, TSOL_ALL, |
434 retval = NULL; |
414 (void *)MAJOROP)) |
435 break; |
415 rec->status = BadAccess; |
436 } |
416 } |
437 break; |
417 break; |
438 |
418 |
439 /* Property protocols */ |
419 /* Property protocols */ |
440 case X_ChangeProperty: |
420 case X_ChangeProperty: |
441 case X_DeleteProperty: |
421 case X_DeleteProperty: |
442 case X_GetProperty: |
422 case X_GetProperty: |
443 case X_ListProperties: |
423 case X_ListProperties: |
444 case X_RotateProperties: |
424 case X_RotateProperties: |
445 switch (access_mode) { |
425 if (access_mode & DixReadAccess) { |
446 case SecurityReadAccess: |
426 if (xtsol_policy(TSOL_RES_PROPWIN, TSOL_READ, |
447 if (xtsol_policy(TSOL_RES_PROPWIN, TSOL_READ, (void *)rval, |
427 (void *)rval, client, TSOL_ALL, |
448 client, TSOL_ALL, (void *)MAJOROP)) |
428 (void *)MAJOROP)) |
449 retval = NULL; |
429 rec->status = BadAccess; |
|
430 } |
|
431 |
|
432 if (access_mode & DixWriteAccess) { |
|
433 if (xtsol_policy(TSOL_RES_PROPWIN, TSOL_MODIFY, |
|
434 (void *)rval, client, TSOL_ALL, |
|
435 (void *)MAJOROP)) |
|
436 rec->status = BadAccess; |
|
437 } |
450 break; |
438 break; |
451 |
439 } |
452 case SecurityWriteAccess: |
440 break; |
453 if (xtsol_policy(TSOL_RES_PROPWIN, TSOL_MODIFY, (void *)rval, |
441 } |
454 client, TSOL_ALL, (void *)MAJOROP)) |
442 |
455 retval = NULL; |
443 if (rec->status == BadAccess) { |
456 break; |
444 TsolInfoPtr tsolinfo = GetClientTsolInfo(client); |
457 } |
445 |
458 break; |
446 ErrorF("Access failed: cid = %d, rtype=%X, access=%d," |
459 } |
447 " xid=%X, proto = %d, pid = %d\n", |
460 break; |
448 cid, (uint_t) rtype, access_mode, id, reqtype, tsolinfo->pid); |
461 } |
449 } |
462 |
450 } |
463 if (retval == NULL) { |
451 |
464 TsolInfoPtr tsolinfo, res_tsolinfo; |
452 static |
465 tsolinfo = GetClientTsolInfo(client); |
453 CALLBACK(TsolClientStateCallback) |
466 |
|
467 snprintf(msgbuf, sizeof (msgbuf), |
|
468 "Access failed: cid = %d, rtype=%X, access=%d, xid=%X, proto = %d, pid = %d\n", |
|
469 cid, rtype, access_mode, id, reqtype, tsolinfo->pid); |
|
470 ErrorF(msgbuf); |
|
471 } |
|
472 |
|
473 return retval; |
|
474 } |
|
475 |
|
476 static void |
|
477 TsolClientStateCallback(CallbackListPtr *pcbl, |
|
478 pointer nulldata, |
|
479 pointer calldata) |
|
480 { |
454 { |
481 NewClientInfoRec *pci = (NewClientInfoRec *)calldata; |
455 NewClientInfoRec *pci = (NewClientInfoRec *)calldata; |
482 ClientPtr client = pci->client; |
456 ClientPtr client = pci->client; |
483 TsolInfoPtr tsolinfo = (TsolInfoPtr) |
457 TsolInfoPtr tsolinfo = TsolClientPriv(client); |
484 (client->devPrivates[tsolClientPrivateIndex].ptr); |
|
485 |
458 |
486 switch (client->clientState) { |
459 switch (client->clientState) { |
487 |
460 |
488 case ClientStateInitial: |
461 case ClientStateInitial: |
489 /* Got a new connection */ |
462 /* Got a new connection */ |
490 TsolSetClientInfo(client); |
463 TsolSetClientInfo(client); |
491 client->CheckAccess = TsolCheckResourceIDAccess; |
|
492 break; |
464 break; |
493 |
465 |
494 case ClientStateRunning: |
466 case ClientStateRunning: |
495 break; |
467 break; |
496 |
468 |
1265 /* Transfer the client info to reply rec */ |
1240 /* Transfer the client info to reply rec */ |
1266 rep.type = X_Reply; |
1241 rep.type = X_Reply; |
1267 rep.sequenceNumber = client->sequence; |
1242 rep.sequenceNumber = client->sequence; |
1268 |
1243 |
1269 /* allocate temp storage for labels */ |
1244 /* allocate temp storage for labels */ |
1270 sl = (bslabel_t *)(ALLOCATE_LOCAL(SL_SIZE)); |
1245 sl = (bslabel_t *)(xalloc(SL_SIZE)); |
1271 rep.data00 = rep.data01 = 0; |
1246 rep.data00 = rep.data01 = 0; |
1272 if (sl == NULL) |
1247 if (sl == NULL) |
1273 return (BadAlloc); |
1248 return (BadAlloc); |
1274 |
1249 |
1275 /* fill the fields as per request mask */ |
1250 /* fill the fields as per request mask */ |
1276 if (stuff->mask & RES_SL) |
1251 if (stuff->mask & RES_SL) |
1277 { |
1252 { |
1278 memcpy(sl, res_tsolinfo->sl, SL_SIZE); |
1253 memcpy(sl, res_tsolinfo->sl, SL_SIZE); |
1279 rep.data00 = SL_SIZE; |
1254 rep.data00 = SL_SIZE; |
1280 } |
1255 } |
1281 |
1256 |
1282 rep.length = (CARD32)(rep.data00)/4; |
1257 rep.length = (CARD32)(rep.data00)/4; |
1283 |
1258 |
1284 if (rep.length > 0) |
1259 if (rep.length > 0) |
1285 { |
1260 { |
1286 reply_length = rep.length*4; |
1261 reply_length = rep.length*4; |
1564 |
1531 |
1565 REQUEST(xMakeTPWindowReq); |
1532 REQUEST(xMakeTPWindowReq); |
1566 REQUEST_SIZE_MATCH(xMakeTPWindowReq); |
1533 REQUEST_SIZE_MATCH(xMakeTPWindowReq); |
1567 |
1534 |
1568 /* |
1535 /* |
1569 * Session type single-level? This is set by the |
1536 * Session type single-level? This is set by the |
1570 * label builder |
1537 * label builder |
1571 */ |
1538 */ |
1572 tsolinfo = GetClientTsolInfo(client); |
1539 tsolinfo = GetClientTsolInfo(client); |
1573 if (tsolinfo && HasTrustedPath(tsolinfo) && |
1540 if (tsolinfo && HasTrustedPath(tsolinfo) && |
1574 blequal(&SessionLO, &SessionHI) && stuff->id == 0) { |
1541 blequal(&SessionLO, &SessionHI) && stuff->id == 0) { |
1575 tsolMultiLevel = FALSE; |
1542 tsolMultiLevel = FALSE; |
1576 return (client->noClientException); |
1543 return (client->noClientException); |
1577 } |
1544 } |
1578 |
1545 |
1579 #if defined(PANORAMIX) |
1546 #if defined(PANORAMIX) |
1580 if (!noPanoramiXExtension) |
1547 if (!noPanoramiXExtension) |
1581 { |
1548 { |
1582 #if defined(IN_MODULE) |
|
1583 /* Xorg X server */ |
|
1584 PanoramiXRes *panres = NULL; |
1549 PanoramiXRes *panres = NULL; |
1585 int j; |
1550 int j; |
1586 |
1551 |
1587 if ((panres = (PanoramiXRes *)LookupIDByType(stuff->id, XRT_WINDOW)) |
1552 if ((panres = (PanoramiXRes *)LookupIDByType(stuff->id, XRT_WINDOW)) |
1588 == NULL) |
1553 == NULL) |
1609 { |
1574 { |
1610 tpwin = (WindowPtr)NULL; |
1575 tpwin = (WindowPtr)NULL; |
1611 ReflectStackChange(pWin, pParent->firstChild, VTStack); |
1576 ReflectStackChange(pWin, pParent->firstChild, VTStack); |
1612 } |
1577 } |
1613 } |
1578 } |
1614 #else |
1579 } else |
1615 /* Xsun X server */ |
|
1616 PanoramiXWindow *pPanoramiXWin = PanoramiXWinRoot; |
|
1617 int j; |
|
1618 |
|
1619 PANORAMIXFIND_ID(pPanoramiXWin, stuff->id); |
|
1620 IF_RETURN(!pPanoramiXWin, BadWindow); |
|
1621 |
|
1622 FOR_NSCREENS_OR_ONCE(pPanoramiXWin, j) |
|
1623 { |
|
1624 pWin = LookupWindow(pPanoramiXWin->info[j].id, client); |
|
1625 |
|
1626 /* window should not be root but child of root */ |
|
1627 if (!pWin || (!pWin->parent)) |
|
1628 { |
|
1629 client->errorValue = stuff->id; |
|
1630 return (BadWindow); |
|
1631 } |
|
1632 if (err_code = xtsol_policy(TSOL_RES_TPWIN, TSOL_MODIFY, pWin, |
|
1633 client, TSOL_ALL, (void *)MAJOROP)) |
|
1634 { |
|
1635 return (err_code); |
|
1636 } |
|
1637 |
|
1638 pParent = pWin->parent; |
|
1639 if (pParent->firstChild != pWin) |
|
1640 { |
|
1641 tpwin = (WindowPtr)NULL; |
|
1642 ReflectStackChange(pWin, pParent->firstChild, VTStack); |
|
1643 } |
|
1644 } |
|
1645 #endif |
|
1646 |
|
1647 } else |
|
1648 #endif |
1580 #endif |
1649 { |
1581 { |
1650 pWin = LookupWindow(stuff->id, client); |
1582 pWin = LookupWindow(stuff->id, client); |
1651 |
1583 |
1652 /* window should not be root but child of root */ |
1584 /* window should not be root but child of root */ |
1780 TsolSetClientInfo(ClientPtr client) |
1712 TsolSetClientInfo(ClientPtr client) |
1781 { |
1713 { |
1782 bslabel_t *sl; |
1714 bslabel_t *sl; |
1783 bslabel_t admin_low; |
1715 bslabel_t admin_low; |
1784 priv_set_t *privs; |
1716 priv_set_t *privs; |
1785 const au_tid64_addr_t *tid64; |
|
1786 const au_mask_t *amask; |
1717 const au_mask_t *amask; |
1787 au_mask_t mask; /* user audit mask */ |
|
1788 socklen_t namelen; |
1718 socklen_t namelen; |
1789 struct passwd *pw; |
|
1790 struct auditinfo auinfo; |
1719 struct auditinfo auinfo; |
1791 struct auditinfo *pauinfo; |
1720 struct auditinfo *pauinfo; |
1792 OsCommPtr oc = (OsCommPtr)client->osPrivate; |
1721 OsCommPtr oc = (OsCommPtr)client->osPrivate; |
1793 register ConnectionInputPtr oci = oc->input; |
|
1794 int fd = oc->fd; |
1722 int fd = oc->fd; |
1795 ucred_t *uc = NULL; |
1723 ucred_t *uc = NULL; |
1796 extern au_id_t ucred_getauid(const ucred_t *uc); |
1724 extern au_id_t ucred_getauid(const ucred_t *uc); |
1797 extern au_asid_t ucred_getasid(const ucred_t *uc); |
1725 extern au_asid_t ucred_getasid(const ucred_t *uc); |
1798 extern const au_mask_t *ucred_getamask(const ucred_t *uc); |
1726 extern const au_mask_t *ucred_getamask(const ucred_t *uc); |
1799 |
1727 |
1800 TsolInfoPtr tsolinfo = (TsolInfoPtr) |
1728 TsolInfoPtr tsolinfo = TsolClientPriv(client); |
1801 (client->devPrivates[tsolClientPrivateIndex].ptr); |
|
1802 |
1729 |
1803 /* Get client attributes from the socket */ |
1730 /* Get client attributes from the socket */ |
1804 if (getpeerucred(fd, &uc) == -1) { |
1731 if (getpeerucred(fd, &uc) == -1) { |
1805 tsolinfo->uid = (uid_t)(-1); |
1732 tsolinfo->uid = (uid_t)(-1); |
1806 tsolinfo->sl = NULL; |
1733 tsolinfo->sl = NULL; |
1827 priv_emptyset(tsolinfo->privs); |
1754 priv_emptyset(tsolinfo->privs); |
1828 } else { |
1755 } else { |
1829 priv_copyset(privs, tsolinfo->privs); |
1756 priv_copyset(privs, tsolinfo->privs); |
1830 } |
1757 } |
1831 } else { |
1758 } else { |
1832 priv_fillset(tsolinfo->privs); |
1759 priv_fillset(tsolinfo->privs); |
1833 } |
1760 } |
1834 } |
1761 } |
1835 |
1762 |
1836 tsolinfo->priv_debug = FALSE; |
1763 tsolinfo->priv_debug = FALSE; |
1837 |
1764 |
1838 |
1765 |
1839 /* |
1766 /* |
1840 * For remote hosts, the uid is determined during access control |
1767 * For remote hosts, the uid is determined during access control |
1841 * using Secure RPC |
1768 * using Secure RPC |
1842 */ |
1769 */ |
1843 if (tsolinfo->zid == (zoneid_t)-1) { |
1770 if (tsolinfo->zid == (zoneid_t)-1) { |
1844 tsolinfo->client_type = CLIENT_REMOTE; |
1771 tsolinfo->client_type = CLIENT_REMOTE; |
1845 } else { |
1772 } else { |
1846 tsolinfo->client_type = CLIENT_LOCAL; |
1773 tsolinfo->client_type = CLIENT_LOCAL; |
1847 } |
1774 } |
1848 |
1775 |
1849 |
1776 |
1850 /* Set Trusted Path for local clients */ |
1777 /* Set Trusted Path for local clients */ |
1851 if (tsolinfo->zid == GLOBAL_ZONEID) { |
1778 if (tsolinfo->zid == GLOBAL_ZONEID) { |
1852 tsolinfo->trusted_path = TRUE; |
1779 tsolinfo->trusted_path = TRUE; |
1853 }else { |
1780 }else { |
1854 tsolinfo->trusted_path = FALSE; |
1781 tsolinfo->trusted_path = FALSE; |
1855 } |
1782 } |
1856 |
1783 |
1857 if (tsolinfo->trusted_path || !tsolMultiLevel) |
1784 if (tsolinfo->trusted_path || !tsolMultiLevel) |
1858 client->trustLevel = XSecurityClientTrusted; |
1785 setClientTrustLevel(client, XSecurityClientTrusted); |
1859 else |
1786 else |
1860 client->trustLevel = XSecurityClientUntrusted; |
1787 setClientTrustLevel(client, XSecurityClientUntrusted); |
1861 |
1788 |
1862 tsolinfo->forced_trust = 0; |
1789 tsolinfo->forced_trust = 0; |
1863 tsolinfo->iaddr = 0; |
1790 tsolinfo->iaddr = 0; |
1864 |
1791 |
1865 bsllow(&admin_low); |
1792 bsllow(&admin_low); |
1868 namelen = sizeof (tsolinfo->saddr); |
1795 namelen = sizeof (tsolinfo->saddr); |
1869 if (getpeername(fd, (struct sockaddr *)&tsolinfo->saddr, &namelen) == 0 |
1796 if (getpeername(fd, (struct sockaddr *)&tsolinfo->saddr, &namelen) == 0 |
1870 && (tsolinfo->client_type == CLIENT_REMOTE)) { |
1797 && (tsolinfo->client_type == CLIENT_REMOTE)) { |
1871 int errcode; |
1798 int errcode; |
1872 char hostbuf[NI_MAXHOST]; |
1799 char hostbuf[NI_MAXHOST]; |
1873 tsol_host_type_t host_type; |
1800 tsol_host_type_t host_type; |
1874 struct sockaddr sname; |
|
1875 extern tsol_host_type_t tsol_getrhtype(char *); |
1801 extern tsol_host_type_t tsol_getrhtype(char *); |
1876 |
1802 |
1877 /* Use NI_NUMERICHOST to avoid DNS lookup */ |
1803 /* Use NI_NUMERICHOST to avoid DNS lookup */ |
1878 errcode = getnameinfo((struct sockaddr *)&(tsolinfo->saddr), namelen, |
1804 errcode = getnameinfo((struct sockaddr *)&(tsolinfo->saddr), namelen, |
1879 hostbuf, sizeof(hostbuf), NULL, 0, NI_NUMERICHOST); |
1805 hostbuf, sizeof(hostbuf), NULL, 0, NI_NUMERICHOST); |
1880 |
1806 |
1881 if (errcode) { |
1807 if (errcode) { |
1882 perror(gai_strerror(errcode)); |
1808 perror(gai_strerror(errcode)); |
1883 } else { |
1809 } else { |
1884 host_type = tsol_getrhtype(hostbuf); |
1810 host_type = tsol_getrhtype(hostbuf); |
1885 if ((host_type == SUN_CIPSO) && |
1811 if ((host_type == SUN_CIPSO) && |
1886 blequal(tsolinfo->sl, &admin_low)) { |
1812 blequal(tsolinfo->sl, &admin_low)) { |
1887 tsolinfo->trusted_path = TRUE; |
1813 tsolinfo->trusted_path = TRUE; |
1888 client->trustLevel = XSecurityClientTrusted; |
1814 setClientTrustLevel(client, |
|
1815 XSecurityClientTrusted); |
1889 priv_fillset(tsolinfo->privs); |
1816 priv_fillset(tsolinfo->privs); |
1890 } |
1817 } |
1891 } |
1818 } |
1892 } |
1819 } |
1893 |
1820 |
1949 memset(cred_area, 0, sizeof(cred_area)); |
1874 memset(cred_area, 0, sizeof(cred_area)); |
1950 memset(verf_area, 0, sizeof(verf_area)); |
1875 memset(verf_area, 0, sizeof(verf_area)); |
1951 |
1876 |
1952 msg.rm_call.cb_cred.oa_base = cred_area; |
1877 msg.rm_call.cb_cred.oa_base = cred_area; |
1953 msg.rm_call.cb_verf.oa_base = verf_area; |
1878 msg.rm_call.cb_verf.oa_base = verf_area; |
1954 tsol_why = AUTH_FAILED; |
1879 tsol_why = AUTH_FAILED; |
1955 xdrmem_create(&xdr, temp_inmsg, len, XDR_DECODE); |
1880 xdrmem_create(&xdr, temp_inmsg, len, XDR_DECODE); |
1956 |
1881 |
1957 if ((r.rq_clntcred = (caddr_t) xalloc(MAX_AUTH_BYTES)) == NULL) |
1882 if ((r.rq_clntcred = (caddr_t) xalloc(MAX_AUTH_BYTES)) == NULL) |
1958 goto bad1; |
1883 goto bad1; |
1959 r.rq_xprt = &xprt; |
1884 r.rq_xprt = &xprt; |
1960 |
1885 |
1961 /* decode into msg */ |
1886 /* decode into msg */ |
1962 res0 = xdr_opaque_auth(&xdr, &(msg.rm_call.cb_cred)); |
1887 res0 = xdr_opaque_auth(&xdr, &(msg.rm_call.cb_cred)); |
1963 res1 = xdr_opaque_auth(&xdr, &(msg.rm_call.cb_verf)); |
1888 res1 = xdr_opaque_auth(&xdr, &(msg.rm_call.cb_verf)); |
1964 if ( ! (res0 && res1) ) |
1889 if ( ! (res0 && res1) ) |
1965 goto bad2; |
1890 goto bad2; |
1966 |
1891 |
1967 /* do the authentication */ |
1892 /* do the authentication */ |
1976 #else |
1901 #else |
1977 if ((tsol_why = _authenticate(&r, &msg)) != AUTH_OK) { |
1902 if ((tsol_why = _authenticate(&r, &msg)) != AUTH_OK) { |
1978 #endif |
1903 #endif |
1979 goto bad2; |
1904 goto bad2; |
1980 } |
1905 } |
1981 return (((struct authdes_cred *) r.rq_clntcred)->adc_fullname.name); |
1906 return (((struct authdes_cred *) r.rq_clntcred)->adc_fullname.name); |
1982 |
1907 |
1983 bad2: |
1908 bad2: |
1984 Xfree(r.rq_clntcred); |
1909 Xfree(r.rq_clntcred); |
1985 bad1: |
1910 bad1: |
1986 return ((char *)0); /* ((struct authdes_cred *) NULL); */ |
1911 return ((char *)0); /* ((struct authdes_cred *) NULL); */ |
1987 } |
1912 } |
|
1913 |
1988 static Bool |
1914 static Bool |
1989 TsolCheckNetName (unsigned char *addr, short len, pointer closure) |
1915 TsolCheckNetName (unsigned char *addr, short len, pointer closure) |
1990 { |
1916 { |
1991 return (len == (short) strlen ((char *) closure) && |
1917 return (len == (short) strlen ((char *) closure) && |
1992 strncmp ((char *) addr, (char *) closure, len) == 0); |
1918 strncmp ((char *) addr, (char *) closure, len) == 0); |
1993 } |
1919 } |
1994 |
1920 |
1995 |
1921 |
1996 XID |
1922 XID |
1997 TsolCheckAuthorization(unsigned int name_length, char *name, unsigned int data_length, |
1923 TsolCheckAuthorization(unsigned int name_length, char *name, unsigned int data_length, |
1998 char *data, ClientPtr client, char **reason) |
1924 char *data, ClientPtr client, char **reason) |
1999 { |
1925 { |
2000 char domainname[128]; |
1926 char domainname[128]; |
2001 char netname[128]; |
1927 char netname[128]; |
2002 char audit_ret; |
1928 char audit_ret; |
2015 if (strncmp(name, SECURE_RPC_AUTH, (size_t)name_length) == 0) { |
1941 if (strncmp(name, SECURE_RPC_AUTH, (size_t)name_length) == 0) { |
2016 fullname = tsol_authdes_decode(data, data_length); |
1942 fullname = tsol_authdes_decode(data, data_length); |
2017 if (fullname == NULL) { |
1943 if (fullname == NULL) { |
2018 ErrorF("Unable to authenticate Secure RPC client"); |
1944 ErrorF("Unable to authenticate Secure RPC client"); |
2019 } else { |
1945 } else { |
2020 if (netname2user(fullname, |
1946 if (netname2user(fullname, |
2021 &client_uid, &client_gid, |
1947 &client_uid, &client_gid, |
2022 &client_gidlen, &client_gidlist)) { |
1948 &client_gidlen, &client_gidlist)) { |
2023 tsolinfo->uid = client_uid; |
1949 tsolinfo->uid = client_uid; |
2024 } else { |
1950 } else { |
2025 ErrorF("netname2user failed"); |
1951 ErrorF("netname2user failed"); |
2026 } |
1952 } |
2027 } |
1953 } |
2028 } |
1954 } |
2029 } |
1955 } |
2030 |
1956 |
2031 if (tsolinfo->uid == (uid_t)-1) { |
1957 if (tsolinfo->uid == (uid_t)-1) { |
2032 tsolinfo->uid = UID_NOBODY; /* uid not available */ |
1958 tsolinfo->uid = UID_NOBODY; /* uid not available */ |
2033 } |
1959 } |
2034 |
1960 |
2035 /* |
1961 /* |
2036 * For multilevel desktop, limit connections to the trusted path |
1962 * For multilevel desktop, limit connections to the trusted path |
2037 * i.e. global zone until a user logs in and the trusted stripe |
1963 * i.e. global zone until a user logs in and the trusted stripe |
2038 * is in place. Unlabeled connections are rejected. |
1964 * is in place. Unlabeled connections are rejected. |
2039 */ |
1965 */ |
2040 if ((OwnerUID == (uid_t )(-1)) || (tsolMultiLevel && tpwin == NULL)) { |
1966 if ((OwnerUID == (uid_t )(-1)) || (tsolMultiLevel && tpwin == NULL)) { |
2041 if (HasTrustedPath(tsolinfo)) { |
1967 if (HasTrustedPath(tsolinfo)) { |
2042 auth_token = CheckAuthorization(name_length, name, data_length, |
1968 auth_token = CheckAuthorization(name_length, name, data_length, |
2043 data, client, reason); |
1969 data, client, reason); |
2044 } |
1970 } |
2045 } else { |
1971 } else { |
2046 /* |
1972 /* |
2047 * Workstation Owner set, client must be within label |
1973 * Workstation Owner set, client must be within label |
2048 * range or have trusted path |
1974 * range or have trusted path |
2049 */ |
1975 */ |
2050 if (tsolinfo->uid == OwnerUID) { |
1976 if (tsolinfo->uid == OwnerUID) { |
2051 if (tsolinfo->sl != NULL && |
1977 if ((tsolinfo->sl != NULL && |
2052 (bldominates(tsolinfo->sl, &SessionLO) && |
1978 (bldominates(tsolinfo->sl, &SessionLO) && |
2053 bldominates(&SessionHI, tsolinfo->sl)) || |
1979 bldominates(&SessionHI, tsolinfo->sl))) || |
2054 (HasTrustedPath(tsolinfo))) { |
1980 (HasTrustedPath(tsolinfo))) { |
2055 auth_token = (XID)(tsolinfo->uid); |
1981 auth_token = (XID)(tsolinfo->uid); |
2056 } |
1982 } |
2057 } else { |
1983 } else { |
2058 /* Allow root from global zone */ |
1984 /* Allow root from global zone */ |
2059 if (tsolinfo->uid == 0 && HasTrustedPath(tsolinfo)) { |
1985 if (tsolinfo->uid == 0 && HasTrustedPath(tsolinfo)) { |
2060 auth_token = (XID)(tsolinfo->uid); |
1986 auth_token = (XID)(tsolinfo->uid); |
2061 } else { |
1987 } else { |
2062 /* |
1988 /* |
2063 * Access check based on uid. Check if |
1989 * Access check based on uid. Check if |
2064 * roles or other uids have been added by |
1990 * roles or other uids have been added by |
2065 * xhost +role@ |
1991 * xhost +role@ |
2066 */ |
1992 */ |
2067 getdomainname(domainname, sizeof(domainname)); |
1993 getdomainname(domainname, sizeof(domainname)); |
2152 (keyc->state != 0 && keyc->state == hotkey.altshift))) |
2084 (keyc->state != 0 && keyc->state == hotkey.altshift))) |
2153 HandleHotKey(); |
2085 HandleHotKey(); |
2154 } |
2086 } |
2155 } |
2087 } |
2156 |
2088 |
2157 static char |
2089 static CALLBACK( |
2158 TsolCheckPropertyAccess(ClientPtr client, WindowPtr pWin, ATOM propertyName, |
2090 TsolCheckPropertyAccess) |
2159 Mask access_mode) |
2091 { |
2160 { |
2092 XacePropertyAccessRec *rec = (XacePropertyAccessRec *) calldata; |
2161 char action; |
2093 ClientPtr client = rec->client; |
2162 PropertyPtr pProp; |
2094 WindowPtr pWin = rec->pWin; |
2163 |
2095 PropertyPtr pProp = *rec->ppProp; |
2164 pProp = wUserProps (pWin); |
2096 Atom propertyName = pProp->propertyName; |
2165 while (pProp) |
2097 Mask access_mode = rec->access_mode; |
2166 { |
2098 |
2167 if (pProp->propertyName == propertyName) |
2099 if (pProp == NULL) { |
2168 break; |
2100 return; |
2169 pProp = pProp->next; |
2101 } |
2170 } |
2102 |
2171 |
2103 if (access_mode & DixReadAccess) { |
2172 if (pProp == NULL) |
2104 if (!PolyProperty(propertyName, pWin) && |
2173 return SecurityAllowOperation; |
2105 xtsol_policy(TSOL_RES_PROPERTY, TSOL_READ, |
2174 |
2106 pProp, client, TSOL_ALL, (void *)MAJOROP)) |
2175 if (access_mode & SecurityReadAccess) { |
2107 rec->status = BadAccess; |
2176 if (!PolyProperty(propertyName, pWin) && |
2108 /* this used to be: |
2177 xtsol_policy(TSOL_RES_PROPERTY, TSOL_READ, |
2109 return SecurityIgnoreOperation; |
2178 pProp, client, TSOL_ALL, (void *)MAJOROP)) |
2110 else |
2179 return SecurityIgnoreOperation; |
2111 return SecurityAllowOperation; |
2180 else |
2112 */ |
2181 return SecurityAllowOperation; |
2113 } |
2182 } |
2114 |
2183 |
2115 if (access_mode & DixWriteAccess) { |
2184 if (access_mode & SecurityWriteAccess) { |
2116 if (!PolyProperty(propertyName, pWin) && |
2185 if (!PolyProperty(propertyName, pWin) && |
2117 xtsol_policy(TSOL_RES_PROPERTY, TSOL_MODIFY, |
2186 xtsol_policy(TSOL_RES_PROPERTY, TSOL_MODIFY, |
2118 pProp, client, TSOL_ALL, (void *)MAJOROP)) |
2187 pProp, client, TSOL_ALL, (void *)MAJOROP)) |
2119 rec->status = BadAccess; |
2188 return SecurityIgnoreOperation; |
2120 /* this used to be: |
2189 else |
2121 return SecurityIgnoreOperation; |
2190 return SecurityAllowOperation; |
2122 else |
2191 } |
2123 return SecurityAllowOperation; |
2192 |
2124 */ |
2193 if (access_mode & SecurityDestroyAccess) { |
2125 } |
2194 if (!PolyProperty(propertyName, pWin) && |
2126 |
2195 xtsol_policy(TSOL_RES_PROPERTY, TSOL_DESTROY, |
2127 if (access_mode & DixDestroyAccess) { |
2196 pProp, client, TSOL_ALL, (void *)MAJOROP)) |
2128 if (!PolyProperty(propertyName, pWin) && |
2197 return SecurityIgnoreOperation; |
2129 xtsol_policy(TSOL_RES_PROPERTY, TSOL_DESTROY, |
2198 else |
2130 pProp, client, TSOL_ALL, (void *)MAJOROP)) |
2199 return SecurityAllowOperation; |
2131 rec->status = BadAccess; |
2200 } |
2132 /* this used to be: |
2201 |
2133 return SecurityIgnoreOperation; |
2202 return SecurityAllowOperation; |
2134 else |
2203 } |
2135 return SecurityAllowOperation; |
2204 |
2136 */ |
|
2137 } |
|
2138 } |
|
2139 |
|
2140 static CALLBACK( |
|
2141 TsolCheckExtensionAccess) |
|
2142 { |
|
2143 XaceExtAccessRec *rec = (XaceExtAccessRec *) calldata; |
|
2144 |
|
2145 if (TsolDisabledExtension(rec->ext->name)) { |
|
2146 rec->status = BadAccess; |
|
2147 } |
|
2148 } |
|
2149 |
|
2150 #ifdef UNUSED |
2205 /* |
2151 /* |
2206 * Return TRUE if host is cipso |
2152 * Return TRUE if host is cipso |
2207 */ |
2153 */ |
2208 int |
2154 int |
2209 host_is_cipso(int fd) |
2155 host_is_cipso(int fd) |
2210 { |
2156 { |
2211 struct sockaddr sname; |
2157 struct sockaddr sname; |
2212 socklen_t namelen; |
2158 socklen_t namelen; |
2213 char *rhost; |
2159 char *rhost; |
2214 tsol_host_type_t host_type; |
2160 tsol_host_type_t host_type; |
2215 struct sockaddr_in *so = (struct sockaddr_in *)&sname; |
2161 struct sockaddr_in *so = (struct sockaddr_in *)&sname; |
2216 extern tsol_host_type_t tsol_getrhtype(char *); |
2162 extern tsol_host_type_t tsol_getrhtype(char *); |
2217 |
2163 |
2218 namelen = sizeof (sname); |
2164 namelen = sizeof (sname); |
2219 if (getpeername(fd, &sname, &namelen) == -1) { |
2165 if (getpeername(fd, &sname, &namelen) == -1) { |