Changeset 18721 for trunk/base


Ignore:
Timestamp:
Jul 25, 2006, 4:01:34 AM (18 years ago)
Author:
pguyot (Paul Guyot)
Message:

Improvement in tests Makefile.
darwintrace (-t) now also blocks file deletions outside the sandbox.

Location:
trunk/base
Files:
6 edited

Legend:

Unmodified
Added
Removed

  • trunk/base/src/darwintracelib1.0/darwintrace.c

    r18709 r18721  
    44 * All rights reserved.
    55 *
    6  * $Id: darwintrace.c,v 1.15 2006/07/24 05:55:43 pguyot Exp $
     6 * $Id: darwintrace.c,v 1.16 2006/07/25 04:01:33 pguyot Exp $
    77 *
    88 * @APPLE_BSD_LICENSE_HEADER_START@
     
    5959 * DARWINTRACE_SHOW_PROCESS: show the process id of every access
    6060 * DARWINTRACE_LOG_CREATE: log creation of files as well.
    61  * DARWINTRACE_SANDBOX: control creation and writing to files.
     61 * DARWINTRACE_SANDBOX: control creation, deletion and writing to files.
    6262 * DARWINTRACE_LOG_FULL_PATH: use F_GETPATH to log the full path.
    6363 * DARWINTRACE_DEBUG_OUTPUT: verbose output of stuff to debug darwintrace.
     
    332332}
    333333
     334#if DARWINTRACE_SANDBOX
     335/*
     336 * return 1 if path (once normalized) is in sandbox, 0 otherwise.
     337 * return -1 if no sandbox is defined or if the path couldn't be normalized.
     338 */
     339inline int __darwintrace_is_in_sandbox(const char* path) {
     340        int result = -1; /* no sandbox is defined */
     341        __darwintrace_setup();
     342        if (__darwintrace_sandbox_bounds != NULL) {
     343                /* check the path */
     344                char** basePathsCrsr = __darwintrace_sandbox_bounds;
     345                char* basepath = *basePathsCrsr++;
     346                /* normalize the path */
     347                char createpath[MAXPATHLEN];
     348                if (realpath(path, createpath) != NULL) {
     349                        __darwintrace_cleanup_path(createpath);
     350                        /* say it's outside unless it's proved inside */
     351                        result = 0;
     352                        while (basepath != NULL) {
     353                                if (__darwintrace_strbeginswith(createpath, basepath)) {
     354                                        result = 1;
     355                                        break;
     356                                }
     357                                basepath = *basePathsCrsr++;;
     358                        }
     359                } /* otherwise, operation will fail anyway */
     360        }
     361        return result;
     362}
     363#endif
     364
    334365/* Log calls to open(2) into the file specified by DARWINTRACE_LOG.
    335366   Only logs if the DARWINTRACE_LOG environment variable is set.
     
    354385        result = 0;
    355386        if (flags & (O_CREAT | O_APPEND | O_RDWR | O_WRONLY | O_TRUNC)) {
    356                 __darwintrace_setup();
    357                 if (__darwintrace_sandbox_bounds != NULL) {
    358                         /* check the path */
    359                         char** basePathsCrsr = __darwintrace_sandbox_bounds;
    360                         char* basepath = *basePathsCrsr++;
    361                         /* normalize the path */
    362                         char createpath[MAXPATHLEN];
    363                         if (realpath(path, createpath) != NULL) {
    364                                 __darwintrace_cleanup_path(createpath);
    365                                 /* forbid unless allowed */
    366                                 result = -1;
    367                                 while (basepath != NULL) {
    368                                         if (__darwintrace_strbeginswith(createpath, basepath)) {
    369                                                 result = 0;
    370                                                 break;
    371                                         }
    372                                         basepath = *basePathsCrsr++;;
    373                                 }
    374                         } /* otherwise, open will fail anyway */
    375                 }
    376                 if (result == 0) {
     387                int isInSandbox = __darwintrace_is_in_sandbox(path);
     388                if (isInSandbox == 1) {
    377389                        dprintf("darwintrace: creation/writing was allowed at %s\n", path);
     390                } else if (isInSandbox == 0) {
     391                        /* outside sandbox, but sandbox is defined: forbid */
     392                        dprintf("darwintrace: creation/writing was forbidden at %s\n", path);
     393                        __darwintrace_log_op("sandbox_violation", NULL, path, 0);
     394                        errno = EACCES;
     395                        result = -1;
    378396                }
    379397        }
    380398        if (result == 0) {
    381399                result = open(path, flags, mode);
    382         } else {
    383                 dprintf("darwintrace: creation/writing was forbidden at %s\n", path);
    384                 __darwintrace_log_op("sandbox_violation", NULL, path, result);
    385                 errno = EACCES;
    386400        }
    387401#else
     
    527541#undef close
    528542}
     543
     544#if DARWINTRACE_SANDBOX
     545/* Trap attempts to unlink a file outside the sandbox.
     546 */
     547int unlink(const char* path) {
     548#define __unlink(x) syscall(SYS_unlink, (x))
     549        int result = 0;
     550        int isInSandbox = __darwintrace_is_in_sandbox(path);
     551        if (isInSandbox == 1) {
     552                dprintf("darwintrace: unlink was allowed at %s\n", path);
     553        } else if (isInSandbox == 0) {
     554                /* outside sandbox, but sandbox is defined: forbid */
     555                dprintf("darwintrace: unlink was forbidden at %s\n", path);
     556                __darwintrace_log_op("sandbox_violation", NULL, path, 0);
     557                errno = EACCES;
     558                result = -1;
     559        }
     560       
     561        if (result == 0) {
     562                result = __unlink(path);
     563        }
     564       
     565        return result;
     566}
     567#endif

  • trunk/base/src/port1.0/porttrace.tcl

    r18709 r18721  
    22# porttrace.tcl
    33#
    4 # $Id: porttrace.tcl,v 1.17 2006/07/24 05:55:44 pguyot Exp $
     4# $Id: porttrace.tcl,v 1.18 2006/07/25 04:01:34 pguyot Exp $
    55#
    66# Copyright (c) 2005-2006 Paul Guyot <pguyot@kallisys.net>,
     
    118118       
    119119        foreach violation [lsort $violations] {
    120                 ui_warn "A file creation/writing was attempted outside sandbox: $violation"
     120                ui_warn "A file creation/deletion/modification was attempted outside sandbox: $violation"
    121121        }
    122122}

  • trunk/base/tests/Makefile

    r18709 r18721  
    33SUBDIR=checksums-1 envvariables site-tags trace xcodeversion
    44
    5 .PHONY: test
     5.PHONY: test clean
    66
    77all:
     
    2323        @exit 1
    2424       
    25 test: /tmp/darwinports-tests/opt/local/etc/ports/sources.conf
     25test: clean /tmp/darwinports-tests/opt/local/etc/ports/sources.conf
    2626        @for subdir in $(SUBDIR); do\
    2727                echo ===\> test ${DIRPRFX}$$subdir; \
     
    3939                                exit 1; \
    4040                        else \
    41                                 rm -f difference; \
     41                                rm -f difference output.sed; \
    4242                        fi) \
    4343                fi || exit 1; \

  • trunk/base/tests/trace/Makefile

    r18709 r18721  
    99test:
    1010        @PORTSRC=$(PORTSRC) $(bindir)/port clean > /dev/null
     11        @touch delete-trace
    1112        @PORTSRC=$(PORTSRC) $(bindir)/port -t test > output 2>&1 || (cat output; exit 1)
     13        @rm -f delete-trace
    1214        @sed -e "s|${PWD}|PWD|g" < output > output.sed
    1315        @diff output.sed master 2>&1 | tee difference
     
    1517                exit 1; \
    1618        else \
    17                 rm -f difference; \
     19                rm -f difference output.sed; \
    1820        fi

  • trunk/base/tests/trace/Portfile

    r18709 r18721  
    1 # $Id: Portfile,v 1.2 2006/07/24 05:55:44 pguyot Exp $
     1# $Id: Portfile,v 1.3 2006/07/25 04:01:34 pguyot Exp $
    22
    33PortSystem 1.0
     
    2020
    2121test { 
    22         catch {system "rm -f hello-trace && touch hello-trace && rm hello-trace"}
     22        catch {system "rm -f create-trace && touch create-trace && rm create-trace"}
     23        catch {system "rm delete-trace"}
    2324        catch {system "rm -f /tmp/hello-trace && /tmp/hello-trace && rm /tmp/hello-trace"}
    2425}

  • trunk/base/tests/trace/master

    r18709 r18721  
    55--->  Building trace with target all
    66--->  Testing trace
    7 Warning: A file creation/writing was attempted outside sandbox: PWD/hello-trace
     7Warning: A file creation/deletion/modification was attempted outside sandbox: PWD/create-trace
     8Warning: A file creation/deletion/modification was attempted outside sandbox: PWD/delete-trace
Note: See TracChangeset for help on using the changeset viewer.