def _access(pid, path, followlink, validlist):
"""check path against the prefixes in validlist, returning 0 if valid, -1
if invalid, and an appropriate errno if there were problems with the
path"""
cpath = tricklib.canonical_path(pid, path, followlink)
if not isinstance(cpath, types.StringType):
return cpath
for d in validlist:
result = 0
if d[0] == '-':
result = -1
d = d[1:]
#print 'considering %s, %s' % (cpath, d)
if string.find(cpath, d) == 0:
if (len(cpath) == len(d) or cpath[len(d)] == '/' or d[-1] == '/'):
return result
return -1
def callbefore(self, pid, call, args):
sign = self.callaccess[call]
tofree = [-1] * 6
if not isinstance(sign, types.TupleType):
return (tofree, None, None, None)
mem = Memory.getMemory(pid)
getarg = mem.get_string
cargs = args[:]
for i in range(len(sign)):
followlink = len(sign[i]) < 2
assert followlink or sign[i][1] == 'l'
p = getarg(args[i])
p = self.mappath(
p
) # This is still not quite good -- user could pass /home////johanka and bypass this
p = tricklib.canonical_path(pid, p, followlink) # Resolve to FQN
if not isinstance(p, types.StringType):
# print 'Panic: what to do when canonical path fails:', p, '(', getarg(args[i]), ')'
# FIXME: We need to kill it in order to prevent bad races. But killing it means problems for creat!
return (tofree, -p, None, None)
p = self.mappath(p)
tofree[i], cargs[i] = scratch.alloc_str(p)
# don't mess with creation of relative symlinks
if call == 'symlink':
if mem.get_string(args[0])[0] != '/':
cargs[0] = args[0]
if call == 'open':
# FIXME:
# if we allow user to do ln -s a b without permissions for a, and
# user tries to access /tmp/b/local/bin...
# cargs[1] = cargs[1] | os.O_NOFOLLOW
cargs[1] = cargs[
1] | 0400000 # Not supported by python, yet. This is true for 386
if call == 'creat':
print "Creat disabled, should be modified to open"
return (tofree, -errno.EFAULT, None, None
) # Creat should be rewritten to open()
return (tofree, None, None, cargs)
def _access(pid, path, followlink, validlist):
"""check path against the prefixes in validlist, returning 0 if valid, -1
if invalid, and an appropriate errno if there were problems with the
path"""
cpath = tricklib.canonical_path(pid, path, followlink)
if not isinstance(cpath, types.StringType):
return cpath
for d in validlist:
result = 0
if d[0] == '-':
result = -1
d = d[1:]
#print 'considering %s, %s' % (cpath, d)
if string.find(cpath, d) == 0:
if (len(cpath) == len(d)
or cpath[len(d)] == '/'
or d[-1] == '/'):
return result
return -1
def access(self, pid, path, call, op, followlink, validlist):
"""check path against the prefixes in validlist, returning 0 if valid, -1
if invalid, and an appropriate errno if there were problems with the
path"""
cpath = tricklib.canonical_path(pid, path, followlink)
if not isinstance(cpath, types.StringType):
return cpath
for d in validlist:
c = d[0]
d = d[1:]
if string.find(cpath, d) == 0:
if (len(cpath) == len(d)
or cpath[len(d)] == '/'
or d[-1] == '/'):
if c == '-': return -1;
if c == '+': return 0;
if c == '%':
r = self.file_is_public(cpath)
if r != -1: return r
if c == '?': return self.ask_question(cpath, call, op)
return -1
def callbefore(self, pid, call, args):
sign = self.callaccess[call]
tofree = [-1] * 6
if not isinstance(sign, types.TupleType):
return (tofree, None, None, None)
mem = Memory.getMemory(pid)
getarg = mem.get_string
cargs = args[:]
for i in range(len(sign)):
followlink = len(sign[i]) < 2
assert followlink or sign[i][1] == 'l'
p = getarg(args[i])
p = self.mappath(p) # This is still not quite good -- user could pass /home////johanka and bypass this
p = tricklib.canonical_path(pid, p, followlink) # Resolve to FQN
if not isinstance(p, types.StringType):
# print 'Panic: what to do when canonical path fails:', p, '(', getarg(args[i]), ')'
# FIXME: We need to kill it in order to prevent bad races. But killing it means problems for creat!
return (tofree, -p, None, None)
p = self.mappath(p)
tofree[i], cargs[i] = scratch.alloc_str(p)
# don't mess with creation of relative symlinks
if call=='symlink':
if mem.get_string(args[0])[0] != '/':
cargs[0] = args[0]
if call=='open':
# FIXME:
# if we allow user to do ln -s a b without permissions for a, and
# user tries to access /tmp/b/local/bin...
# cargs[1] = cargs[1] | os.O_NOFOLLOW
cargs[1] = cargs[1] | 0400000 # Not supported by python, yet. This is true for 386
if call=='creat':
print "Creat disabled, should be modified to open"
return (tofree, -errno.EFAULT, None, None) # Creat should be rewritten to open()
return (tofree, None, None, cargs)