[launchd-changes] [23487] branches/SULeopard/launchd/src
source_changes at macosforge.org
source_changes at macosforge.org
Fri Jan 18 13:24:32 PST 2008
Revision: 23487
http://trac.macosforge.org/projects/launchd/changeset/23487
Author: zarzycki at apple.com
Date: 2008-01-18 13:24:30 -0800 (Fri, 18 Jan 2008)
Log Message:
-----------
<rdar://problem/5653227> work with Seatbelt to provide access control on spawn_via_launchd
Modified Paths:
--------------
branches/SULeopard/launchd/src/launchd_core_logic.c
branches/SULeopard/launchd/src/liblaunch_public.h
Modified: branches/SULeopard/launchd/src/launchd_core_logic.c
===================================================================
--- branches/SULeopard/launchd/src/launchd_core_logic.c 2008-01-18 17:50:12 UTC (rev 23486)
+++ branches/SULeopard/launchd/src/launchd_core_logic.c 2008-01-18 21:24:30 UTC (rev 23487)
@@ -361,7 +361,7 @@
currently_ignored:1, forced_peers_to_demand_mode:1, setnice:1, hopefully_exits_last:1, removal_pending:1,
wait4pipe_eof:1, sent_sigkill:1, debug_before_kill:1, weird_bootstrap:1, start_on_mount:1,
per_user:1, hopefully_exits_first:1, deny_unknown_mslookups:1, unload_at_mig_return:1, abandon_pg:1,
- poll_for_vfs_changes:1, internal_exc_handler:1, can_kickstart:1;
+ poll_for_vfs_changes:1, internal_exc_handler:1, deny_job_creation:1;
const char label[0];
};
@@ -1575,10 +1575,10 @@
bool found_key = false;
switch (key[0]) {
- case 'c':
- case 'C':
- if (strcasecmp(key, LAUNCH_JOBPOLICY_CANKICKSTARTOTHERJOBS) == 0) {
- j->can_kickstart = launch_data_get_bool(obj);
+ case 'd':
+ case 'D':
+ if (strcasecmp(key, LAUNCH_JOBPOLICY_DENYCREATINGOTHERJOBS) == 0) {
+ j->deny_job_creation = launch_data_get_bool(obj);
found_key = true;
}
break;
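Review bot: Replacing the opt-in `CanKickStartOtherJobs` key with the opt-out `DenyCreatingOtherJobs` key makes this policy default-permit: a job whose plist omits or misspells the key keeps the ability to create jobs. A plist that still carries the old key no longer matches any case here and leaves `found_key` false; what happens next is outside the hunk, so confirm the unrecognised key is logged rather than silently dropped. I would add a comment above the new case, `/* Default is permit: a job without this key may still create other jobs. */`. The macro also disappears from liblaunch_public.h, so clients that reference the old name stop compiling. The switch and its enclosing function start and end outside the hunk.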
@@ -5140,6 +5140,10 @@
return BOOTSTRAP_NO_MEMORY;
}
+ if (unlikely(j->deny_job_creation)) {
+ return BOOTSTRAP_NOT_PRIVILEGED;
+ }
+
runtime_get_caller_creds(&ldc);
job_log(j, LOG_DEBUG, "Server create attempt: %s", server_cmd);
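Review bot: The new `deny_job_creation` check returns BOOTSTRAP_NOT_PRIVILEGED before the existing job_log() call and before the caller's credentials are fetched, so a denied creation attempt leaves no trace in the log. For an access-control decision the denial is the event worth recording; I would add `job_log(j, LOG_WARNING, "Job creation denied by policy");` inside the new branch before the return. The same applies to the identical check added in the hunk at -6522. Both functions start and end outside their hunks.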
@@ -6424,16 +6428,21 @@
return BOOTSTRAP_NO_MEMORY;
}
+ if (unlikely(!(otherj = job_find(targetlabel)))) {
+ return BOOTSTRAP_UNKNOWN_SERVICE;
+ }
+
runtime_get_caller_creds(&ldc);
- if (!j->can_kickstart || (ldc.euid != 0 && ldc.euid != geteuid())) {
+ if (ldc.euid != 0 && ldc.euid != geteuid()
+#if TARGET_OS_EMBEDDED
+ && j->username && otherj->username
+ && strcmp(j->username, otherj->username) != 0
+#endif
+ ) {
return BOOTSTRAP_NOT_PRIVILEGED;
}
- if (unlikely(!(otherj = job_find(targetlabel)))) {
- return BOOTSTRAP_UNKNOWN_SERVICE;
- }
-
otherj = job_dispatch(otherj, true);
if (!job_assumes(j, otherj && otherj->p)) {
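Review bot: Under TARGET_OS_EMBEDDED the new condition fails open when either `j->username` or `otherj->username` is NULL: the `&&` chain is then false, and a caller that is neither root nor launchd's euid proceeds to job_dispatch(). If the intent is to permit only same-user kickstarts, deny unless both names are set and equal, e.g. `&& !(j->username && otherj->username && strcmp(j->username, otherj->username) == 0)`. Moving job_find() ahead of the credential check also lets an unprivileged caller tell existing labels from missing ones by the return code; on non-embedded builds, where the check does not use `otherj`, it could stay ahead of the lookup. The removed `can_kickstart` gate has no per-job replacement in this path, which looks intentional but deserves a comment. The function starts and ends outside the hunk.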
@@ -6522,6 +6531,10 @@
return BOOTSTRAP_NO_MEMORY;
}
+ if (unlikely(j->deny_job_creation)) {
+ return BOOTSTRAP_NOT_PRIVILEGED;
+ }
+
if (getpid() == 1 && ldc.euid && ldc.uid) {
job_log(j, LOG_DEBUG, "Punting spawn to per-user-context");
return VPROC_ERR_TRY_PER_USER;
Modified: branches/SULeopard/launchd/src/liblaunch_public.h
===================================================================
--- branches/SULeopard/launchd/src/liblaunch_public.h 2008-01-18 17:50:12 UTC (rev 23486)
+++ branches/SULeopard/launchd/src/liblaunch_public.h 2008-01-18 21:24:30 UTC (rev 23487)
@@ -101,7 +101,7 @@
#define LAUNCH_JOBKEY_ABANDONPROCESSGROUP "AbandonProcessGroup"
#define LAUNCH_JOBKEY_POLICIES "Policies"
-#define LAUNCH_JOBPOLICY_CANKICKSTARTOTHERJOBS "CanKickStartOtherJobs"
+#define LAUNCH_JOBPOLICY_DENYCREATINGOTHERJOBS "DenyCreatingOtherJobs"
#define LAUNCH_JOBINETDCOMPATIBILITY_WAIT "Wait"