PERFORCE change 164665 for review
Jonathan Anderson
jona at FreeBSD.org
Thu Jun 18 13:28:01 UTC 2009
http://perforce.freebsd.org/chv.cgi?CH=164665
Change 164665 by jona at jona-trustedbsd-kentvm on 2009/06/18 13:27:43
A nice little (non-Qt) demo: demonstrate that the sandbox works, ask the user_angel to open files, pop up a powerbox and show that, even though the file was opened with O_RDWR, the capabilities system prevents write() operations
Affected files ...
.. //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/protocol.c#12 edit
.. //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/server.c#8 edit
.. //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/test_client.c#9 edit
Differences ...
==== //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/protocol.c#12 (text+ko) ====
@@ -457,7 +457,8 @@
int bytes_sent = sendmsg(sock, &header, 0);
if(bytes_sent < 0)
{
- perror("Error sending data and file descriptor(s)");
+ sprintf(errmsg, "Error sending data and file descriptors: %i (%s)",
+ errno, strerror(errno));
free(anc_hdr);
return -1;
}
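Review bot: The new `sprintf` into `errmsg` is unbounded, and neither the size of `errmsg` nor the length of the `strerror()` text is fixed by anything visible in this hunk. Bound the write, e.g. `snprintf(errmsg, sizeof(errmsg), "Error sending data and file descriptors: %i (%s)", errno, strerror(errno));` if `errmsg` is an array, otherwise pass its real capacity. The same applies to the "Error peeking at socket" hunk that follows and to `sprintf(current_error, ...)` in server.c. With `perror()` removed the failure is no longer printed on this path, so every caller now has to fetch the message itself. The enclosing function starts and ends outside the hunk.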
@@ -488,7 +489,8 @@
}
else if(bytes < 0)
{
- perror("Error peeking at socket");
+ sprintf(errmsg, "Error peeking at socket: %i (%s)",
+ errno, strerror(errno));
return NULL;
}
==== //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/server.c#8 (text+ko) ====
@@ -243,7 +243,7 @@
if(!d)
{
- if((errno == ENOENT) || (errno == ECONNRESET))
+ if((errno == ENOENT) || (errno == ECONNRESET) || (errno == EAGAIN))
close_client(client, errno, "Client socket closed");
else perror("Error receiving from client");
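Review bot: Adding `EAGAIN` to this test treats "no data available right now" as "peer has gone away". If the client socket is non-blocking or has a receive timeout (not visible here), a slow but live client is dropped and told "Client socket closed". `errno` may also be stale when `d` is NULL for a protocol-level reason rather than a failed system call, so it would be more robust for the receive routine to report end-of-stream explicitly. If the broader match stays, add a comment saying why `EAGAIN` implies a closed peer at this call site. Only part of the enclosing function is visible.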
@@ -360,7 +360,8 @@
if(cap_send_fd(client, d, &cap, 1) < 0)
{
- perror("Error sending FD");
+ sprintf(current_error, "Error sending FD: %i (%s)",
+ errno, strerror(errno));
return -1;
}
close(cap);
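Review bot: The error branch returns without closing `cap`, while the success path calls `close(cap)` immediately afterwards. Each failed `cap_send_fd()` therefore leaves one descriptor open in the server, which appears to be the long-running side that opens files on the user's behalf. Add `close(cap);` after the message is formatted (so `errno` is captured first) and before `return -1;`. The `sprintf(current_error, ...)` should also be an `snprintf` bounded by the buffer's size. The function begins and ends outside the hunk.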
@@ -433,8 +434,14 @@
void close_client(int client, int errnum, const char *reason)
{
- printf("Client %4i: Closing (errno: %i/'%s', reason: '%s')\n",
- client, errnum, strerror(errnum), reason);
+ printf("Client %4i: Closing", client);
+
+ if((errnum == ECONNRESET) || (errnum == EAGAIN))
+ printf(" (client connection closed)");
+ else
+ printf(" (errno: %i/'%s', reason: '%s')",
+ errnum, strerror(errnum), reason);
+ printf("\n");
cap_send(client, cap_marshall_error(errnum, reason, strlen(reason)));
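Review bot: After printing " (client connection closed)" for `ECONNRESET`/`EAGAIN`, the function still falls through to `cap_send(client, cap_marshall_error(...))` on that same socket. A write to a reset peer fails, and it raises SIGPIPE unless the signal is ignored or the send uses `MSG_NOSIGNAL`, neither of which is visible here. Consider guarding the send with `if((errnum != ECONNRESET) && (errnum != EAGAIN))`. The result of `cap_marshall_error()` is also passed on unchecked and, if it is heap-allocated, does not appear to be freed on this path. The body continues past the end of the hunk.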
==== //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/test_client.c#9 (text+ko) ====
@@ -63,7 +63,7 @@
open_file(fd_angel, "/etc/group", O_RDONLY, CAP_FSTAT | CAP_READ | CAP_SEEK);
open_file(fd_angel, "/etc/passwd", O_RDONLY, CAP_FSTAT | CAP_READ | CAP_WRITE | CAP_SEEK);
- open_powerbox(fd_angel, "~/Desktop/", "*.gz", 0x2a00003);
+ open_powerbox(fd_angel, "~/Desktop/", "*.txt", 0x2a00003);
return 0;
}
@@ -121,7 +121,8 @@
int fdcount;
if(cap_unmarshall_int(fdcountd, &fdcount) < 0)
{
- fprintf(stderr, "Error unmarshalling FD count: %s\n", cap_protocol_error());
+ fprintf(stderr, "Error unmarshalling FD count: %s\n",
+ cap_protocol_error());
return;
}
@@ -144,6 +145,7 @@
}
test_fd(fd, name);
+ close(fd);
}
}
@@ -161,7 +163,7 @@
options.filter = filter;
options.filterlen = strlen(filter);
options.flags = O_RDWR;
- options.rights = CAP_FSTAT | CAP_READ | CAP_WRITE | CAP_SEEK;
+ options.rights = CAP_FSTAT | CAP_READ | CAP_SEEK;
struct cap_wire_datum *data[2];
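Review bot: `options.flags = O_RDWR` next to a rights mask that no longer contains `CAP_WRITE` reads like an oversight to anyone who has not seen the change description. A comment should record that the mismatch is the point of the demo, for example `/* deliberately O_RDWR without CAP_WRITE: write() must be refused by the capability, not by the open mode */`. The enclosing function starts and ends outside the hunk.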
@@ -183,7 +185,11 @@
int fdcount;
if(cap_unmarshall_int(fdcountd, &fdcount) < 0)
- err(EX_SOFTWARE, "Error unmarshalling FD count");
+ {
+ fprintf(stderr, "Error unmarshalling FD count: %s\n",
+ cap_protocol_error());
+ return;
+ }
for(int i = 0; i < fdcount; i++)
{
@@ -204,6 +210,11 @@
}
test_fd(fd, name);
+
+ if(write(fd, "OVERWRITING", 12) < 0)
+ perror("Error overwriting file");
+
+ close(fd);
}
}
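Review bot: The added `write()` check reports only the expected failure. If the rights mask is not enforced, the demo stays silent after having modified the file the user selected in the powerbox. Make the unexpected success loud, e.g. `if(write(fd, "OVERWRITING", 11) >= 0) fprintf(stderr, "write() to %s succeeded: CAP_WRITE was not enforced\n", name);` followed by `else perror("Error overwriting file");`. It would also help to confirm that `errno` is the capability error (ENOTCAPABLE, if this branch defines it) rather than an unrelated failure. The length 12 includes the literal's terminating NUL, since the text itself is 11 characters.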
@@ -214,17 +225,10 @@
FILE *rf = fdopen(fd, "r");
if(!rf) err(EX_IOERR, "Error opening %s", name);
- printf("Opened %s for reading\n", name);
- fclose(rf);
+ else printf("Opened %s for reading\n", name);
- FILE *wf = fdopen(fd, "w");
- if(wf)
- {
- printf("Opened %s for writing\n", name);
- fclose(wf);
- }
+ FILE *wf = fdopen(fd, "a");
+ if(wf) printf("Opened %s for writing\n", name);
else printf("Couldn't open %s for writing\n", name);
-
- close(fd);
}
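Review bot: Neither `rf` nor `wf` is closed any more, so each call leaks two `FILE` objects, and the callers' new `close(fd)` removes the descriptor from under both streams. If the streams are only probes, wrap a duplicate and release it: `FILE *rf = fdopen(dup(fd), "r");` ... `fclose(rf);`, and likewise for `wf`. A successful `fdopen(fd, "a")` presumably shows only that the mode is compatible with the descriptor's open flags, which are `O_RDWR` on the powerbox path. "Opened %s for writing" can therefore still print for a capability that lacks `CAP_WRITE`, so the message should say that only the stream mode was accepted. The `else` after `err()` is redundant because `err()` does not return.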