]> git.saurik.com Git - apple/system_cmds.git/blobdiff - mach_init.tproj/rpc_services.c
projects / apple / system_cmds.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
system_cmds-279.6.1.tar.gz
[apple/system_cmds.git] / mach_init.tproj / rpc_services.c
diff --git a/mach_init.tproj/rpc_services.c b/mach_init.tproj/rpc_services.c
index 4d3f34dcce1b668ab8fa51ecf5f0e5cc6803c272..69168ef1ec3468eb9e264e434726de45491be116 100644 (file)
--- a/mach_init.tproj/rpc_services.c
+++ b/mach_init.tproj/rpc_services.c
@@ -1,24 +1,23 @@
 /*
 /*
- * Copyright (c) 1999-2002 Apple Computer, Inc. All rights reserved.
+ * Copyright (c) 1999-2004 Apple Computer, Inc. All rights reserved.
  *
  * @APPLE_LICENSE_HEADER_START@
  * 
  *
  * @APPLE_LICENSE_HEADER_START@
  * 
- * Copyright (c) 1999-2003 Apple Computer, Inc.  All Rights Reserved.
- * 
- * This file contains Original Code and/or Modifications of Original Code
- * as defined in and that are subject to the Apple Public Source License
- * Version 2.0 (the 'License'). You may not use this file except in
- * compliance with the License. Please obtain a copy of the License at
- * http://www.opensource.apple.com/apsl/ and read it before using this
- * file.
+ * "Portions Copyright (c) 1999 Apple Computer, Inc.  All Rights
+ * Reserved.  This file contains Original Code and/or Modifications of
+ * Original Code as defined in and that are subject to the Apple Public
+ * Source License Version 1.0 (the 'License').  You may not use this file
+ * except in compliance with the License.  Please obtain a copy of the
+ * License at http://www.apple.com/publicsource and read it before using
+ * this file.
  * 
  * The Original Code and all software distributed under the License are
  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  * 
  * The Original Code and all software distributed under the License are
  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
- * Please see the License for the specific language governing rights and
- * limitations under the License.
+ * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT.  Please see the
+ * License for the specific language governing rights and limitations
+ * under the License."
  * 
  * @APPLE_LICENSE_HEADER_END@
  */
  * 
  * @APPLE_LICENSE_HEADER_END@
  */
@@ -33,6 +32,9 @@
 #import <mach/mach.h>
 #import <string.h>
 
 #import <mach/mach.h>
 #import <string.h>
 
+#import <bsm/audit.h>
+#import <bsm/libbsm.h>
+
 #import "bootstrap_internal.h"
 #import "error_log.h"
 #import "lists.h"
 #import "bootstrap_internal.h"
 #import "error_log.h"
 #import "lists.h"
@@ -75,12 +77,15 @@ x_bootstrap_create_server(
        cmd_t server_cmd,
        int server_uid,
        boolean_t on_demand,
        cmd_t server_cmd,
        int server_uid,
        boolean_t on_demand,
-       security_token_t sectoken,
+       audit_token_t client_audit_token,
        mach_port_t *server_portp)
 {
        server_t *serverp;
        mach_port_t *server_portp)
 {
        server_t *serverp;
+       struct auditinfo audit_info;
        bootstrap_info_t *bootstrap;
 
        bootstrap_info_t *bootstrap;
 
+       uid_t client_euid;
+       
        bootstrap = lookup_bootstrap_by_port(bootstrap_port);
        debug("Server create attempt: \"%s\" bootstrap %x",
              server_cmd, bootstrap_port);
        bootstrap = lookup_bootstrap_by_port(bootstrap_port);
        debug("Server create attempt: \"%s\" bootstrap %x",
              server_cmd, bootstrap_port);
@@ -92,17 +97,29 @@ x_bootstrap_create_server(
                return BOOTSTRAP_NOT_PRIVILEGED;
        }
 
                return BOOTSTRAP_NOT_PRIVILEGED;
        }
 
-       /* only same uid (or root client) */
-       if (sectoken.val[0] && sectoken.val[0] != server_uid) {
-               log("Server create: \"%s\": invalid security token (%d != %d)",
-                       server_cmd, sectoken.val[0], server_uid);
+       /* get the identity of the requestor and set up audit_info of server */
+       audit_token_to_au32(client_audit_token,
+                           &audit_info.ai_auid,
+                           &client_euid,
+                           NULL /* egid */,
+                           NULL /* ruid */,
+                           NULL /* rgid */,
+                           NULL /* pid */,
+                           &audit_info.ai_asid,
+                           &audit_info.ai_termid);
+
+       if (client_euid != 0 && client_euid != server_uid) {
+               notice("Server create: \"%s\": insufficient privilege for specified uid (euid-%d != requested-%d)",
+                       server_cmd, client_euid, server_uid);
                return BOOTSTRAP_NOT_PRIVILEGED;
        }
                return BOOTSTRAP_NOT_PRIVILEGED;
        }
+
        serverp = new_server(
                                        bootstrap,
                                        server_cmd,
                                        server_uid,
        serverp = new_server(
                                        bootstrap,
                                        server_cmd,
                                        server_uid,
-                                       (on_demand) ? DEMAND : RESTARTABLE);
+                                       (on_demand) ? DEMAND : RESTARTABLE,
+                                       audit_info);
        setup_server(serverp);
 
        info("New server %x in bootstrap %x: \"%s\"",
        setup_server(serverp);
 
        info("New server %x in bootstrap %x: \"%s\"",
@@ -136,7 +153,7 @@ x_bootstrap_unprivileged(
        debug("Get unprivileged attempt for bootstrap %x", bootstrap_port);
 
        bootstrap = lookup_bootstrap_by_port(bootstrap_port);
        debug("Get unprivileged attempt for bootstrap %x", bootstrap_port);
 
        bootstrap = lookup_bootstrap_by_port(bootstrap_port);
-       if (!bootstrap || !active_bootstrap(bootstrap)) {
+       if (!bootstrap) {
                debug("Get unprivileged: invalid bootstrap %x", bootstrap_port);
                return BOOTSTRAP_NOT_PRIVILEGED;
        }
                debug("Get unprivileged: invalid bootstrap %x", bootstrap_port);
                return BOOTSTRAP_NOT_PRIVILEGED;
        }
@@ -197,7 +214,7 @@ x_bootstrap_check_in(
                        service_name);
                 return BOOTSTRAP_NOT_PRIVILEGED;
        }
                        service_name);
                 return BOOTSTRAP_NOT_PRIVILEGED;
        }
-       if (servicep->servicetype == SELF || !canReceive(servicep->port)) {
+       if (!canReceive(servicep->port)) {
                ASSERT(servicep->isActive);
                debug("bootstrap_check_in service %s already active",
                        service_name);
                ASSERT(servicep->isActive);
                debug("bootstrap_check_in service %s already active",
                        service_name);
@@ -495,31 +512,25 @@ x_bootstrap_parent(
        security_token_t sectoken,
        mach_port_t *parent_port)
 {
        security_token_t sectoken,
        mach_port_t *parent_port)
 {
-#if 0
        bootstrap_info_t *bootstrap;
 
        debug("Parent attempt for bootstrap %x", bootstrap_port);
 
        bootstrap = lookup_bootstrap_by_port(bootstrap_port);
        bootstrap_info_t *bootstrap;
 
        debug("Parent attempt for bootstrap %x", bootstrap_port);
 
        bootstrap = lookup_bootstrap_by_port(bootstrap_port);
-       if (!bootstrap || !active_bootstrap(bootstrap)) { 
+       if (!bootstrap) { 
                debug("Parent attempt for bootstrap %x: invalid bootstrap",
                      bootstrap_port);
                return BOOTSTRAP_NOT_PRIVILEGED;
        }
        if (sectoken.val[0]) {
                debug("Parent attempt for bootstrap %x: invalid bootstrap",
                      bootstrap_port);
                return BOOTSTRAP_NOT_PRIVILEGED;
        }
        if (sectoken.val[0]) {
-               log("Bootstrap parent for bootstrap %x: invalid security token (%d)",
-                   bootstrap_port, sectoken.val[0]);
+               notice("Bootstrap parent for bootstrap %x: invalid security token (%d)",
+                      bootstrap_port, sectoken.val[0]);
                return BOOTSTRAP_NOT_PRIVILEGED;
        }
        debug("Returning bootstrap parent %x for bootstrap %x",
              bootstrap->parent->bootstrap_port, bootstrap_port);
        *parent_port = bootstrap->parent->bootstrap_port;
        return BOOTSTRAP_SUCCESS;
                return BOOTSTRAP_NOT_PRIVILEGED;
        }
        debug("Returning bootstrap parent %x for bootstrap %x",
              bootstrap->parent->bootstrap_port, bootstrap_port);
        *parent_port = bootstrap->parent->bootstrap_port;
        return BOOTSTRAP_SUCCESS;
-#else
-       debug("bootstrap parent for bootstrap %x: not implemented", 
-             bootstrap_port);
-       return BOOTSTRAP_NOT_PRIVILEGED;
-#endif
 }
 
 /*
 }
 
 /*
mirror of system_cmds