Revision: 23258 http://trac.macosforge.org/projects/launchd/changeset/23258 Author: zarzycki@apple.com Date: 2007-05-22 10:05:17 -0700 (Tue, 22 May 2007) Log Message: ----------- Security checks. Modified Paths: -------------- trunk/launchd/src/launchd_core_logic.c Modified: trunk/launchd/src/launchd_core_logic.c =================================================================== --- trunk/launchd/src/launchd_core_logic.c 2007-05-18 19:37:43 UTC (rev 23257) +++ trunk/launchd/src/launchd_core_logic.c 2007-05-22 17:05:17 UTC (rev 23258) @@ -4587,11 +4587,18 @@ launch_data_t input_obj, output_obj; size_t data_offset = 0; size_t packed_size; + struct ldcred ldc; + runtime_get_caller_creds(&ldc); + if (!launchd_assumes(j != NULL)) { return BOOTSTRAP_NO_MEMORY; } + if (inkey && ldc.euid && ldc.euid != getuid()) { + return BOOTSTRAP_NOT_PRIVILEGED; + } + if (inkey && outkey && !job_assumes(j, inkey == outkey)) { return 1; } @@ -4673,12 +4680,19 @@ { const char *action; kern_return_t kr = 0; + struct ldcred ldc; int oldmask; + runtime_get_caller_creds(&ldc); + if (!launchd_assumes(j != NULL)) { return BOOTSTRAP_NO_MEMORY; } + if (inkey && ldc.euid && ldc.euid != getuid()) { + return BOOTSTRAP_NOT_PRIVILEGED; + } + if (inkey && outkey && !job_assumes(j, inkey == outkey)) { return 1; }