X-Git-Url: https://git.saurik.com/apple/system_cmds.git/blobdiff_plain/6d658acdb5f61932718109ed8f339604b778ab80..0e393d5044d1e68e17d91385b70d5cd6b27f8438:/mach_init.tproj/rpc_services.c?ds=sidebyside
diff --git a/mach_init.tproj/rpc_services.c b/mach_init.tproj/rpc_services.c
index 4d3f34d..69168ef 100644
--- a/mach_init.tproj/rpc_services.c
+++ b/mach_init.tproj/rpc_services.c
@@ -1,24 +1,23 @@
 /*
- * Copyright (c) 1999-2002 Apple Computer, Inc. All rights reserved.
+ * Copyright (c) 1999-2004 Apple Computer, Inc. All rights reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 *
- * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved.
- *
- * This file contains Original Code and/or Modifications of Original Code
- * as defined in and that are subject to the Apple Public Source License
- * Version 2.0 (the 'License'). You may not use this file except in
- * compliance with the License. Please obtain a copy of the License at
- * http://www.opensource.apple.com/apsl/ and read it before using this
- * file.
+ * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
+ * Reserved. This file contains Original Code and/or Modifications of
+ * Original Code as defined in and that are subject to the Apple Public
+ * Source License Version 1.0 (the 'License'). You may not use this file
+ * except in compliance with the License. Please obtain a copy of the
+ * License at http://www.apple.com/publicsource and read it before using
+ * this file.
 *
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
- * Please see the License for the specific language governing rights and
- * limitations under the License.
+ * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
+ * License for the specific language governing rights and limitations
+ * under the License."
 *
 * @APPLE_LICENSE_HEADER_END@
 */
@@ -33,6 +32,9 @@ #import #import +#import +#import + #import "bootstrap_internal.h" #import "error_log.h" #import "lists.h"
@@ -75,12 +77,15 @@ x_bootstrap_create_server( cmd_t server_cmd, int server_uid, boolean_t on_demand, - security_token_t sectoken, + audit_token_t client_audit_token, mach_port_t *server_portp) { server_t *serverp; + struct auditinfo audit_info; bootstrap_info_t *bootstrap; + uid_t client_euid; + bootstrap = lookup_bootstrap_by_port(bootstrap_port); debug("Server create attempt: \"%s\" bootstrap %x", server_cmd, bootstrap_port);
@@ -92,17 +97,29 @@ x_bootstrap_create_server( return BOOTSTRAP_NOT_PRIVILEGED; } - /* only same uid (or root client) */ - if (sectoken.val[0] && sectoken.val[0] != server_uid) { - log("Server create: \"%s\": invalid security token (%d != %d)", - server_cmd, sectoken.val[0], server_uid); + /* get the identity of the requestor and set up audit_info of server */ + audit_token_to_au32(client_audit_token, + &audit_info.ai_auid, + &client_euid, + NULL /* egid */, + NULL /* ruid */, + NULL /* rgid */, + NULL /* pid */, + &audit_info.ai_asid, + &audit_info.ai_termid); + + if (client_euid != 0 && client_euid != server_uid) { + notice("Server create: \"%s\": insufficient privilege for specified uid (euid-%d != requested-%d)", + server_cmd, client_euid, server_uid); return BOOTSTRAP_NOT_PRIVILEGED; } + serverp = new_server( bootstrap, server_cmd, server_uid, - (on_demand) ? DEMAND : RESTARTABLE); + (on_demand) ? DEMAND : RESTARTABLE, + audit_info); setup_server(serverp); info("New server %x in bootstrap %x: \"%s\"",
@@ -136,7 +153,7 @@ x_bootstrap_unprivileged( debug("Get unprivileged attempt for bootstrap %x", bootstrap_port); bootstrap = lookup_bootstrap_by_port(bootstrap_port); - if (!bootstrap || !active_bootstrap(bootstrap)) { + if (!bootstrap) { debug("Get unprivileged: invalid bootstrap %x", bootstrap_port); return BOOTSTRAP_NOT_PRIVILEGED; }
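Review bot: `struct auditinfo audit_info;` is declared without an initializer, and the only writes visible in this diff (the `audit_token_to_au32` call in the next hunk) fill `ai_auid`, `ai_asid` and `ai_termid`; the structure's preselection mask `ai_mask` is never assigned before the whole struct is passed by value to `new_server()`. If the server later applies this audit_info to the process it spawns, the audit mask would come from leftover stack bytes, so events could be left out of the audit trail without anyone noticing. Declaring it as `struct auditinfo audit_info = {0};`, or assigning `ai_mask` explicitly to the intended policy, makes the value deterministic. The function body continues past this hunk, so an assignment in lines not shown here cannot be ruled out.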
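Review bot: The new `notice()` call in x_bootstrap_create_server prints `client_euid`, a `uid_t`, with `%d`, and the check above it compares that unsigned value with the signed `int server_uid`. A uid above INT_MAX would be logged as a negative number, which makes the denial record harder to match against account data during an investigation. I would write the message as `(euid-%u != requested-%d)` and pass `(unsigned)client_euid`, and add a short comment on the comparison noting that `server_uid` is converted to `uid_t` there. The function starts before this hunk and ends after it.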
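Review bot: Dropping `!active_bootstrap(bootstrap)` from the guard in x_bootstrap_unprivileged means every bootstrap that `lookup_bootstrap_by_port()` still returns is accepted, including one that has been deactivated but not yet freed, if the lookup can return such entries (not visible here). The same relaxation is made in x_bootstrap_parent further down. If the lookup already filters inactive bootstraps, a comment on the check such as `/* lookup_bootstrap_by_port() only returns active bootstraps */` would record that; otherwise the active test should stay. The function body continues outside this hunk.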
@@ -197,7 +214,7 @@ x_bootstrap_check_in( service_name); return BOOTSTRAP_NOT_PRIVILEGED; } - if (servicep->servicetype == SELF || !canReceive(servicep->port)) { + if (!canReceive(servicep->port)) { ASSERT(servicep->isActive); debug("bootstrap_check_in service %s already active", service_name);
@@ -495,31 +512,25 @@ x_bootstrap_parent( security_token_t sectoken, mach_port_t *parent_port) { -#if 0 bootstrap_info_t *bootstrap; debug("Parent attempt for bootstrap %x", bootstrap_port); bootstrap = lookup_bootstrap_by_port(bootstrap_port); - if (!bootstrap || !active_bootstrap(bootstrap)) { + if (!bootstrap) { debug("Parent attempt for bootstrap %x: invalid bootstrap", bootstrap_port); return BOOTSTRAP_NOT_PRIVILEGED; } if (sectoken.val[0]) { - log("Bootstrap parent for bootstrap %x: invalid security token (%d)", - bootstrap_port, sectoken.val[0]); + notice("Bootstrap parent for bootstrap %x: invalid security token (%d)", + bootstrap_port, sectoken.val[0]); return BOOTSTRAP_NOT_PRIVILEGED; } debug("Returning bootstrap parent %x for bootstrap %x", bootstrap->parent->bootstrap_port, bootstrap_port); *parent_port = bootstrap->parent->bootstrap_port; return BOOTSTRAP_SUCCESS; -#else - debug("bootstrap parent for bootstrap %x: not implemented", - bootstrap_port); - return BOOTSTRAP_NOT_PRIVILEGED; -#endif } /*
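Review bot: With `servicep->servicetype == SELF ||` removed, the "already active" branch in x_bootstrap_check_in depends only on `canReceive(servicep->port)`, so a SELF service whose receive right is held by this process would now continue into the check-in path. Whether that state can occur, and whether the check that returns BOOTSTRAP_NOT_PRIVILEGED just above covers it, cannot be seen from this hunk. A comment on the condition such as `/* servicetype is no longer tested here: only services whose receive right we hold can be checked in */` would make the relaxed rule explicit for later reviewers. The function starts before the hunk and continues after it.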
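Review bot: The re-enabled body of x_bootstrap_parent reads `bootstrap->parent->bootstrap_port` twice without checking `bootstrap->parent`, and nothing in this hunk shows that the top-level bootstrap has a non-NULL parent. This path is reachable by any caller whose token reports uid 0, so a guard such as `if (!bootstrap->parent) return BOOTSTRAP_NOT_PRIVILEGED;` before the final `debug()` would keep a request on the root bootstrap from faulting the daemon. The privilege test also still reads `sectoken.val[0]`, while x_bootstrap_create_server moved to the audit token in this commit; using one identity source for both would be more consistent. The function signature starts before the hunk.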