The Design and Implementation of the FreeBSD Operating System, Second Edition
Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]

FreeBSD/Linux Kernel Cross Reference
sys/security/mac_seeotheruids/mac_seeotheruids.c

Version: -  FREEBSD  -  FREEBSD-13-STABLE  -  FREEBSD-13-0  -  FREEBSD-12-STABLE  -  FREEBSD-12-0  -  FREEBSD-11-STABLE  -  FREEBSD-11-0  -  FREEBSD-10-STABLE  -  FREEBSD-10-0  -  FREEBSD-9-STABLE  -  FREEBSD-9-0  -  FREEBSD-8-STABLE  -  FREEBSD-8-0  -  FREEBSD-7-STABLE  -  FREEBSD-7-0  -  FREEBSD-6-STABLE  -  FREEBSD-6-0  -  FREEBSD-5-STABLE  -  FREEBSD-5-0  -  FREEBSD-4-STABLE  -  FREEBSD-3-STABLE  -  FREEBSD22  -  l41  -  OPENBSD  -  linux-2.6  -  MK84  -  PLAN9  -  xnu-8792 
SearchContext: -  none  -  3  -  10 

    1 /*-
    2  * Copyright (c) 1999-2002, 2007 Robert N. M. Watson
    3  * Copyright (c) 2001-2002 Networks Associates Technology, Inc.
    4  * All rights reserved.
    5  *
    6  * This software was developed by Robert Watson for the TrustedBSD Project.
    7  *
    8  * This software was developed for the FreeBSD Project in part by Network
    9  * Associates Laboratories, the Security Research Division of Network
   10  * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"),
   11  * as part of the DARPA CHATS research program.
   12  *
   13  * Redistribution and use in source and binary forms, with or without
   14  * modification, are permitted provided that the following conditions
   15  * are met:
   16  * 1. Redistributions of source code must retain the above copyright
   17  *    notice, this list of conditions and the following disclaimer.
   18  * 2. Redistributions in binary form must reproduce the above copyright
   19  *    notice, this list of conditions and the following disclaimer in the
   20  *    documentation and/or other materials provided with the distribution.
   21  *
   22  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
   23  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
   24  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
   25  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
   26  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
   27  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
   28  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   29  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   30  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
   31  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
   32  * SUCH DAMAGE.
   33  *
   34  * $FreeBSD$
   35  */
   36 
   37 /*
   38  * Developed by the TrustedBSD Project.
   39  *
   40  * Prevent processes owned by a particular uid from seeing various transient
   41  * kernel objects associated with other uids.
   42  */
   43 
   44 #include <sys/param.h>
   45 #include <sys/kernel.h>
   46 #include <sys/module.h>
   47 #include <sys/priv.h>
   48 #include <sys/proc.h>
   49 #include <sys/systm.h>
   50 #include <sys/socketvar.h>
   51 #include <sys/sysctl.h>
   52 
   53 #include <security/mac/mac_policy.h>
   54 
   55 SYSCTL_DECL(_security_mac);
   56 
   57 SYSCTL_NODE(_security_mac, OID_AUTO, seeotheruids, CTLFLAG_RW, 0,
   58     "TrustedBSD mac_seeotheruids policy controls");
   59 
   60 static int      mac_seeotheruids_enabled = 1;
   61 SYSCTL_INT(_security_mac_seeotheruids, OID_AUTO, enabled, CTLFLAG_RW,
   62     &mac_seeotheruids_enabled, 0, "Enforce seeotheruids policy");
   63 
   64 /*
   65  * Exception: allow credentials to be aware of other credentials with the
   66  * same primary gid.
   67  */
   68 static int      primarygroup_enabled = 0;
   69 SYSCTL_INT(_security_mac_seeotheruids, OID_AUTO, primarygroup_enabled,
   70     CTLFLAG_RW, &primarygroup_enabled, 0, "Make an exception for credentials "
   71     "with the same real primary group id");
   72 
   73 /*
   74  * Exception: allow the root user to be aware of other credentials by virtue
   75  * of privilege.
   76  */
   77 static int      suser_privileged = 1;
   78 SYSCTL_INT(_security_mac_seeotheruids, OID_AUTO, suser_privileged,
   79     CTLFLAG_RW, &suser_privileged, 0, "Make an exception for superuser");
   80 
   81 /*
   82  * Exception: allow processes with a specific gid to be exempt from the
   83  * policy.  One sysctl enables this functionality; the other sets the
   84  * exempt gid.
   85  */
   86 static int      specificgid_enabled = 0;
   87 SYSCTL_INT(_security_mac_seeotheruids, OID_AUTO, specificgid_enabled,
   88     CTLFLAG_RW, &specificgid_enabled, 0, "Make an exception for credentials "
   89     "with a specific gid as their real primary group id or group set");
   90 
   91 static gid_t    specificgid = 0;
   92 SYSCTL_INT(_security_mac_seeotheruids, OID_AUTO, specificgid, CTLFLAG_RW,
   93     &specificgid, 0, "Specific gid to be exempt from seeotheruids policy");
   94 
   95 static int
   96 mac_seeotheruids_check(struct ucred *cr1, struct ucred *cr2)
   97 {
   98 
   99         if (!mac_seeotheruids_enabled)
  100                 return (0);
  101 
  102         if (primarygroup_enabled) {
  103                 if (cr1->cr_rgid == cr2->cr_rgid)
  104                         return (0);
  105         }
  106 
  107         if (specificgid_enabled) {
  108                 if (cr1->cr_rgid == specificgid ||
  109                     groupmember(specificgid, cr1))
  110                         return (0);
  111         }
  112 
  113         if (cr1->cr_ruid == cr2->cr_ruid)
  114                 return (0);
  115 
  116         if (suser_privileged) {
  117                 if (priv_check_cred(cr1, PRIV_SEEOTHERUIDS, 0) == 0)
  118                         return (0);
  119         }
  120 
  121         return (ESRCH);
  122 }
  123 
  124 static int
  125 mac_seeotheruids_check_cred_visible(struct ucred *cr1, struct ucred *cr2)
  126 {
  127 
  128         return (mac_seeotheruids_check(cr1, cr2));
  129 }
  130 
  131 static int
  132 mac_seeotheruids_check_proc_signal(struct ucred *cred, struct proc *p,
  133     int signum)
  134 {
  135 
  136         return (mac_seeotheruids_check(cred, p->p_ucred));
  137 }
  138 
  139 static int
  140 mac_seeotheruids_check_proc_sched(struct ucred *cred, struct proc *p)
  141 {
  142 
  143         return (mac_seeotheruids_check(cred, p->p_ucred));
  144 }
  145 
  146 static int
  147 mac_seeotheruids_check_proc_debug(struct ucred *cred, struct proc *p)
  148 {
  149 
  150         return (mac_seeotheruids_check(cred, p->p_ucred));
  151 }
  152 
  153 static int
  154 mac_seeotheruids_check_socket_visible(struct ucred *cred, struct socket *so,
  155     struct label *solabel)
  156 {
  157 
  158         return (mac_seeotheruids_check(cred, so->so_cred));
  159 }
  160 
  161 static struct mac_policy_ops mac_seeotheruids_ops =
  162 {
  163         .mpo_check_cred_visible = mac_seeotheruids_check_cred_visible,
  164         .mpo_check_proc_debug = mac_seeotheruids_check_proc_debug,
  165         .mpo_check_proc_sched = mac_seeotheruids_check_proc_sched,
  166         .mpo_check_proc_signal = mac_seeotheruids_check_proc_signal,
  167         .mpo_check_socket_visible = mac_seeotheruids_check_socket_visible,
  168 };
  169 
  170 MAC_POLICY_SET(&mac_seeotheruids_ops, mac_seeotheruids,
  171     "TrustedBSD MAC/seeotheruids", MPC_LOADTIME_FLAG_UNLOADOK, NULL);

Cache object: 082a33abb4a0fa0bf30bdde28410d2ef


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]


This page is part of the FreeBSD/Linux Linux Kernel Cross-Reference, and was automatically generated using a modified version of the LXR engine.