[23258] trunk/launchd/src/launchd_core

Revision: 23258
Author: zarzycki@apple.com
Date: 2007-05-22 10:05:17 -0700 (Tue, 22 May 2007)

Log Message

Security checks.

Modified Paths

trunk/launchd/src/launchd_core_logic.c

Diff

Modified: trunk/launchd/src/launchd_core_logic.c (23257 => 23258)


--- trunk/launchd/src/launchd_core_logic.c	2007-05-18 19:37:43 UTC (rev 23257)
+++ trunk/launchd/src/launchd_core_logic.c	2007-05-22 17:05:17 UTC (rev 23258)
@@ -4587,11 +4587,18 @@
 	launch_data_t input_obj, output_obj;
 	size_t data_offset = 0;
 	size_t packed_size;
+	struct ldcred ldc;
 
+	runtime_get_caller_creds(&ldc);
+
 	if (!launchd_assumes(j != NULL)) {
 		return BOOTSTRAP_NO_MEMORY;
 	}
 
+	if (inkey && ldc.euid && ldc.euid != getuid()) {
+		return BOOTSTRAP_NOT_PRIVILEGED;
+	}
+
 	if (inkey && outkey && !job_assumes(j, inkey == outkey)) {
 		return 1;
 	}
@@ -4673,12 +4680,19 @@
 {
 	const char *action;
 	kern_return_t kr = 0;
+	struct ldcred ldc;
 	int oldmask;
 
+	runtime_get_caller_creds(&ldc);
+
 	if (!launchd_assumes(j != NULL)) {
 		return BOOTSTRAP_NO_MEMORY;
 	}
 
+	if (inkey && ldc.euid && ldc.euid != getuid()) {
+		return BOOTSTRAP_NOT_PRIVILEGED;
+	}
+
 	if (inkey && outkey && !job_assumes(j, inkey == outkey)) {
 		return 1;
 	}