X-Git-Url: https://git.saurik.com/apple/xnu.git/blobdiff_plain/1c79356b52d46aa6b508fb032f5ae709b1f2897b..cf03f5cdc65293b4cb5eba3ed23fed26dad903c9:/bsd/kern/kern_prot.c?ds=sidebyside
diff --git a/bsd/kern/kern_prot.c b/bsd/kern/kern_prot.c
index 579c321f6..2cd41c3b1 100644
--- a/bsd/kern/kern_prot.c
+++ b/bsd/kern/kern_prot.c
@@ -1,21 +1,24 @@ /* - * Copyright (c) 2000 Apple Computer, Inc. All rights reserved. + * Copyright (c) 2000-2002 Apple Computer, Inc. All rights reserved. * * @APPLE_LICENSE_HEADER_START@ * - * The contents of this file constitute Original Code as defined in and - * are subject to the Apple Public Source License Version 1.1 (the - * "License"). You may not use this file except in compliance with the - * License. Please obtain a copy of the License at - * http://www.apple.com/publicsource and read it before using this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. * - * This Original Code and all software distributed under the License are - * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License. + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ @@ -75,6 +78,8 @@ #include #include +#include + #include /* 
@@ -131,6 +136,56 @@ getpgrp(p, uap, retval)
 return (0);
 }
+/* Get an arbitary pid's process group id */
+struct getpgid_args {
+ pid_t pid;
+};
+
+int
+getpgid(p, uap, retval)
+ struct proc *p;
+ struct getpgid_args *uap;
+ register_t *retval;
+{
+ struct proc *pt;
+
+ pt = p;
+ if (uap->pid == 0)
+ goto found;
+
+ if ((pt = pfind(uap->pid)) == 0)
+ return (ESRCH);
+found:
+ *retval = pt->p_pgrp->pg_id;
+ return (0);
+}
+
+/*
+ * Get an arbitary pid's session id.
+ */
+struct getsid_args {
+ pid_t pid;
+};
+
+int
+getsid(p, uap, retval)
+ struct proc *p;
+ struct getsid_args *uap;
+ register_t *retval;
+{
+ struct proc *pt;
+
+ pt = p;
+ if (uap->pid == 0)
+ goto found;
+
+ if ((pt = pfind(uap->pid)) == 0)
+ return (ESRCH);
+found:
+ *retval = pt->p_session->s_sid;
+ return (0);
+}
+
 /* ARGSUSED */
 getuid(p, uap, retval)
 struct proc *p;
@@ -279,6 +334,27 @@ setpgid(curp, uap, retval)
 return (enterpgrp(targp, uap->pgid, 0));
 }
+struct issetugid_args {
+ int dummy;
+};
+issetugid(p, uap, retval)
+ struct proc *p;
+ struct issetugid_args *uap;
+ register_t *retval;
+{
+ /*
+ * Note: OpenBSD sets a P_SUGIDEXEC flag set at execve() time,
+ * we use P_SUGID because we consider changing the owners as
+ * "tainting" as well.
+ * This is significant for procs that start as root and "become"
+ * a user without an exec - programs cannot know *everything*
+ * that libc *might* have put in their data segment.
+ */
+
+ *retval = (p->p_flag & P_SUGID) ? 1 : 0;
+ return (0);
+}
+
 struct setuid_args {
 uid_t uid;
 };
@@ -301,6 +377,9 @@ setuid(p, uap, retval)
 * Transfer proc count to new user.
 * Copy credentials so other references do not see our changes.
 */
+
+ /* prepare app access profile files */
+ prepare_profile_database(uap->uid);
 pcred_writelock(p);
 (void)chgproccnt(pc->p_ruid, -1);
 (void)chgproccnt(uid, 1);
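Review bot: In getpgid() and getsid() the proc returned by pfind() is dereferenced (`pt->p_pgrp->pg_id`, `pt->p_session->s_sid`) with no reference or lock taken in the hunk, so the read is only safe if something outside this hunk keeps the target from exiting in between; a one-line comment naming that guarantee would make the assumption reviewable. Both calls also answer for any pid without a visibility check, which exposes process-group and session ids across users; POSIX allows an implementation to refuse with EPERM when the target is outside the caller's session, so the header comments should say the open policy is intended. The two bodies differ only in the field read, and the `goto found` can be dropped: `if (uap->pid != 0 && (pt = pfind(uap->pid)) == NULL) return (ESRCH);`.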
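Review bot: issetugid() is defined without a return type at `issetugid(p, uap, retval)`, while getpgid() and getsid(), added by the same commit, spell out `int`; put `int` on its own line above the name and mark the unused `uap` with the `/* ARGSUSED */` comment the file already carries on getuid(). The first sentence of the block comment is garbled ("sets a P_SUGIDEXEC flag set at execve() time"); `Note: OpenBSD sets a P_SUGIDEXEC flag at execve() time;` reads correctly. Because userland relies on this answer to decide whether its environment can be trusted, the comment should also state when P_SUGID is set and whether it is ever cleared, neither of which is visible in this hunk.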
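Review bot: `prepare_profile_database(uap->uid)` in the setuid() hunk passes the raw syscall argument, while the context lines right after it use the local `uid` (`chgproccnt(uid, 1)`); `prepare_profile_database(uid);` keeps the value that was checked and the value acted on the same. The call runs in the credential-change path ahead of `pcred_writelock(p)` and, going by its comment, touches files, yet any result it returns is dropped, so a failure can neither stop setuid() nor be reported; if it is meant to be best-effort, the comment should say so. The privilege check of setuid() lies outside this hunk, so whether the call is reachable with an unchecked uid cannot be told from here.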
@@ -691,14 +770,14 @@ setlogin(p, uap, retval)
 /* Set the secrity token of the task with current euid and eguid */
-void
+kern_return_t
 set_security_token(struct proc * p)
 {
 security_token_t sec_token;
 sec_token.val[0] = p->p_ucred->cr_uid;
 sec_token.val[1] = p->p_ucred->cr_gid;
- (void)host_security_set_task_token(host_security_self(),
+ return host_security_set_task_token(host_security_self(),
 p->task,
 sec_token,
 (sec_token.val[0]) ?
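Review bot: The comment above set_security_token() says nothing about the new return value, and replacing `(void)host_security_set_task_token(...)` with `return host_security_set_task_token(...)` only helps if every caller tests the result; a task left with a stale token after its credentials changed is the failure this makes detectable. Suggested comment: `/* Set the security token of the task from the current euid and egid; returns the host_security_set_task_token() result, which callers must check */`. The callers and the tail of the call's argument list are outside the hunk, so whether they were updated in this commit cannot be confirmed from here.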