[launchd-changes] [23258] trunk/launchd/src/launchd_core_logic.c
source_changes at macosforge.org
source_changes at macosforge.org
Tue May 22 10:05:18 PDT 2007
Revision: 23258
http://trac.macosforge.org/projects/launchd/changeset/23258
Author: zarzycki at apple.com
Date: 2007-05-22 10:05:17 -0700 (Tue, 22 May 2007)
Log Message:
-----------
Security checks.
Modified Paths:
--------------
trunk/launchd/src/launchd_core_logic.c
Modified: trunk/launchd/src/launchd_core_logic.c
===================================================================
--- trunk/launchd/src/launchd_core_logic.c 2007-05-18 19:37:43 UTC (rev 23257)
+++ trunk/launchd/src/launchd_core_logic.c 2007-05-22 17:05:17 UTC (rev 23258)
@@ -4587,11 +4587,18 @@
launch_data_t input_obj, output_obj;
size_t data_offset = 0;
size_t packed_size;
+ struct ldcred ldc;
+ runtime_get_caller_creds(&ldc);
+
if (!launchd_assumes(j != NULL)) {
return BOOTSTRAP_NO_MEMORY;
}
+ if (inkey && ldc.euid && ldc.euid != getuid()) {
+ return BOOTSTRAP_NOT_PRIVILEGED;
+ }
+
if (inkey && outkey && !job_assumes(j, inkey == outkey)) {
return 1;
}
@@ -4673,12 +4680,19 @@
{
const char *action;
kern_return_t kr = 0;
+ struct ldcred ldc;
int oldmask;
+ runtime_get_caller_creds(&ldc);
+
if (!launchd_assumes(j != NULL)) {
return BOOTSTRAP_NO_MEMORY;
}
+ if (inkey && ldc.euid && ldc.euid != getuid()) {
+ return BOOTSTRAP_NOT_PRIVILEGED;
+ }
+
if (inkey && outkey && !job_assumes(j, inkey == outkey)) {
return 1;
}
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.macosforge.org/pipermail/launchd-changes/attachments/20070522/6a74c220/attachment.html
More information about the launchd-changes
mailing list