[rsbac] Sample RSBAC module - PS

Fix 4d876b82 at gmail.com
Fri Sep 7 10:18:35 CEST 2007 

This module allows ordinary users to only view their own processes, while root 
and secoff are allowed to view all processes.

The module is not tested well enough, but seems to work for me.

// wbr
Fix

--------------------------

diff -Naur linux-2.6.22.6-test-0/include/rsbac/types.h 
linux-2.6.22.6-test-1/include/rsbac/types.h
--- linux-2.6.22.6-test-0/include/rsbac/types.h	2007-07-17 22:38:24.000000000 
+0800
+++ linux-2.6.22.6-test-1/include/rsbac/types.h	2007-09-07 16:08:49.000000000 
+0800
@@ -574,7 +574,7 @@
 
 /* For switching adf-modules */
 enum  rsbac_switch_target_t {SW_GEN,SW_MAC,SW_PM,SW_DAZ,SW_FF,SW_RC,SW_AUTH,
-			SW_REG,SW_ACL,SW_CAP,SW_JAIL,SW_RES,SW_PAX,SW_SOFTMODE,
+			SW_REG,SW_ACL,SW_CAP,SW_JAIL,SW_RES,SW_PAX,SW_PS,SW_SOFTMODE,
 			SW_DAC_DISABLE,SW_UM,SW_FREEZE,SW_NONE};
 #define RSBAC_MAX_MOD (SW_SOFTMODE - 1)
 typedef rsbac_enum_t rsbac_switch_target_int_t;
diff -Naur linux-2.6.22.6-test-0/rsbac/adf/adf_main.c 
linux-2.6.22.6-test-1/rsbac/adf/adf_main.c
--- linux-2.6.22.6-test-0/rsbac/adf/adf_main.c	2007-07-17 22:38:44.000000000 
+0800
+++ linux-2.6.22.6-test-1/rsbac/adf/adf_main.c	2007-09-07 15:34:36.000000000 
+0800
@@ -114,6 +114,10 @@
 rsbac_boolean_t rsbac_switch_res = TRUE;
 #endif  /* RES */
 
+#ifdef CONFIG_RSBAC_SWITCH_PS
+rsbac_boolean_t rsbac_switch_ps = TRUE;
+#endif
+
 /************************************************* */
 /*          Internal Help functions                */
 /************************************************* */
@@ -695,6 +699,27 @@
     }
 #endif  /* RES */
 
+#if defined(CONFIG_RSBAC_PS)
+#ifdef CONFIG_RSBAC_SWITCH_PS
+if (rsbac_switch_ps)
+#endif
+	if(ignore_module != SW_PS) {
+		mod_result[SW_PS] = rsbac_adf_request_ps(
+							request,
+							caller_pid,
+							target,
+							*tid_p,
+							attr,
+							*attr_val_p,
+							owner);
+		result = adf_and_plus(result, mod_result[SW_PS]);
+#ifdef CONFIG_RSBAC_SOFTMODE_IND
+	if(!rsbac_ind_softmode[SW_PS])
+		ret_result = adf_and_plus(ret_result, mod_result[SW_PS]);
+#endif
+	}
+#endif
+
 /****** REG *******/
 #if defined(CONFIG_RSBAC_REG)
 if(ignore_module != SW_REG)
diff -Naur linux-2.6.22.6-test-0/rsbac/adf/Makefile 
linux-2.6.22.6-test-1/rsbac/adf/Makefile
--- linux-2.6.22.6-test-0/rsbac/adf/Makefile	2007-07-17 22:38:45.000000000 
+0800
+++ linux-2.6.22.6-test-1/rsbac/adf/Makefile	2007-09-07 15:36:44.000000000 
+0800
@@ -61,11 +61,14 @@
 obj-$(CONFIG_RSBAC_RES) += res/res.o
 endif
 
+subdir-$(CONFIG_RSBAC_PS) += ps
+obj-$(CONFIG_RSBAC_PS) += ps/ps.o
+
 subdir-$(CONFIG_RSBAC_REG) += reg
 obj-$(CONFIG_RSBAC_REG) += reg/reg.o
 subdir-m += reg
 
-ALL_SUB_DIRS := mac fc sim pm ms ff rc auth reg acl cap jail res
+ALL_SUB_DIRS := mac fc sim pm ms ff rc auth reg acl cap jail res ps
 
 include $(TOPDIR)/Rules.make
 
@@ -120,6 +123,9 @@
 obj-$(CONFIG_RSBAC_RES) += res/
 endif
 
+subdir-$(CONFIG_RSBAC_PS) += ps
+obj-$(CONFIG_RSBAC_PS) += ps/
+
 subdir-$(CONFIG_RSBAC_REG) += reg
 obj-$(CONFIG_RSBAC_REG) += reg/
 ifeq ($(CONFIG_RSBAC_REG_SAMPLES),y)
diff -Naur linux-2.6.22.6-test-0/rsbac/adf/ps/Makefile 
linux-2.6.22.6-test-1/rsbac/adf/ps/Makefile
--- linux-2.6.22.6-test-0/rsbac/adf/ps/Makefile	1970-01-01 07:00:00.000000000 
+0700
+++ linux-2.6.22.6-test-1/rsbac/adf/ps/Makefile	2007-09-07 16:09:04.000000000 
+0800
@@ -0,0 +1,10 @@
+ifeq ($(PATCHLEVEL),4)
+O_TARGET := ps.o
+obj-y    := ps_main.o
+include $(TOPDIR)/Rules.make
+
+else
+# 2.6.x
+obj-y    := ps_main.o
+
+endif
diff -Naur linux-2.6.22.6-test-0/rsbac/adf/ps/ps_main.c 
linux-2.6.22.6-test-1/rsbac/adf/ps/ps_main.c
--- linux-2.6.22.6-test-0/rsbac/adf/ps/ps_main.c	1970-01-01 07:00:00.000000000 
+0700
+++ linux-2.6.22.6-test-1/rsbac/adf/ps/ps_main.c	2007-09-07 15:37:43.000000000 
+0800
@@ -0,0 +1,52 @@
+#include <linux/types.h>
+#include <linux/string.h>
+#include <linux/fs.h>
+#include <rsbac/aci.h>
+#include <rsbac/adf_main.h>
+#include <rsbac/error.h>
+#include <rsbac/helpers.h>
+#include <rsbac/getname.h>
+#include <rsbac/debug.h>
+
+#include <asm/uaccess.h>
+
+inline enum rsbac_adf_req_ret_t
+rsbac_adf_request_ps(
+			enum	rsbac_adf_request_t	request,
+				rsbac_pid_t		caller_pid,
+			enum	rsbac_target_t		target,
+			union	rsbac_target_id_t	tid,
+			enum	rsbac_attribute_t	attr,
+			union	rsbac_attribute_value_t	attr_val,
+				rsbac_uid_t		owner) {
+	enum	rsbac_adf_req_ret_t result = DO_NOT_CARE;
+	union	rsbac_target_id_t	i_tid;
+	union	rsbac_attribute_value_t	i_attr_val1;
+	int err = 0;
+
+	switch (request) {
+	case R_GET_STATUS_DATA:
+		switch (target) {
+		case T_PROCESS:
+			if (
+				owner == RSBAC_SYSADM_UID || 
+				owner == RSBAC_SECOFF_UID) {
+				return (GRANTED);
+			}
+			if (!rsbac_get_attr(SW_AUTH, T_PROCESS, tid,
+					A_auth_start_uid, &i_attr_val1,
+					FALSE)) {
+				if (i_attr_val1.auth_start_uid == owner) {
+					return (GRANTED);
+				}
+				return (NOT_GRANTED);
+			}
+			return (DO_NOT_CARE);
+		default:
+			return (DO_NOT_CARE);
+		}
+	default:
+		return DO_NOT_CARE;
+	}
+	return result;
+}
diff -Naur linux-2.6.22.6-test-0/rsbac/Kconfig 
linux-2.6.22.6-test-1/rsbac/Kconfig
--- linux-2.6.22.6-test-0/rsbac/Kconfig	2007-07-17 22:38:44.000000000 +0800
+++ linux-2.6.22.6-test-1/rsbac/Kconfig	2007-09-07 16:06:31.000000000 +0800
@@ -1465,6 +1465,9 @@
 	  security officers may change them.
 endmenu
 
+config RSBAC_PS
+	bool 'RSBAC support for PS policy'
+
 endmenu
 # Policies
 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://www.rsbac.org/pipermail/rsbac/attachments/20070907/137b5efb/attachment.pgp

More information about the rsbac mailing list