diff options
| author | rwatson <rwatson@FreeBSD.org> | 2002-11-05 14:57:49 +0000 |
|---|---|---|
| committer | rwatson <rwatson@FreeBSD.org> | 2002-11-05 14:57:49 +0000 |
| commit | c2166f1034cafe467058e46b1391fc62e348cf59 (patch) | |
| tree | d61b1553d8b9cc78bc9920dac5971244182b2e2b /sys/kern/kern_exec.c | |
| parent | 430eab0e437bb1bff7355ce0b173a649c8d75b85 (diff) | |
| download | FreeBSD-src-c2166f1034cafe467058e46b1391fc62e348cf59.zip FreeBSD-src-c2166f1034cafe467058e46b1391fc62e348cf59.tar.gz | |
Hook up the mac_will_execve_transition() and mac_execve_transition()
entrypoints, #ifdef MAC. The supporting logic already existed in
kern_mac.c, so no change there. This permits MAC policies to cause
a process label change as the result of executing a binary --
typically, as a result of executing a specially labeled binary.
For example, the SEBSD port of SELinux/FLASK uses this functionality
to implement TE type transitions on processes using transitioning
binaries, in a manner similar to setuid. Policies not implementing
a notion of transition (all the ones in the tree right now) require
no changes, since the old label data is copied to the new label
via mac_create_cred() even if a transition does occur.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
Diffstat (limited to 'sys/kern/kern_exec.c')
| -rw-r--r-- | sys/kern/kern_exec.c | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/sys/kern/kern_exec.c b/sys/kern/kern_exec.c index 3afbd24..4586502 100644 --- a/sys/kern/kern_exec.c +++ b/sys/kern/kern_exec.c @@ -167,6 +167,9 @@ kern_execve(td, fname, argv, envv) struct vnode *textvp = NULL; int credential_changing; int textset; +#ifdef MAC + int will_transition; +#endif imgp = &image_params; @@ -436,6 +439,10 @@ interpret: attr.va_uid; credential_changing |= (attr.va_mode & VSGID) && oldcred->cr_gid != attr.va_gid; +#ifdef MAC + will_transition = mac_execve_will_transition(oldcred, imgp->vp); + credential_changing |= will_transition; +#endif if (credential_changing && (imgp->vp->v_mount->mnt_flag & MNT_NOSUID) == 0 && @@ -478,8 +485,16 @@ interpret: change_euid(newcred, euip); if (attr.va_mode & VSGID) change_egid(newcred, attr.va_gid); +#ifdef MAC + if (will_transition) + mac_execve_transition(oldcred, newcred, imgp->vp); +#endif /* * Implement correct POSIX saved-id behavior. + * + * XXXMAC: Note that the current logic will save the + * uid and gid if a MAC domain transition occurs, even + * though maybe it shouldn't. */ change_svuid(newcred, newcred->cr_uid); change_svgid(newcred, newcred->cr_gid); |
