blocxx

PathSecurity.hpp

00001 /*******************************************************************************
00002 * Copyright (C) 2005, Vintela, Inc. All rights reserved.
00003 * Copyright (C) 2006, Novell, Inc. All rights reserved.
00004 * 
00005 * Redistribution and use in source and binary forms, with or without
00006 * modification, are permitted provided that the following conditions are met:
00007 * 
00008 *     * Redistributions of source code must retain the above copyright notice,
00009 *       this list of conditions and the following disclaimer.
00010 *     * Redistributions in binary form must reproduce the above copyright
00011 *       notice, this list of conditions and the following disclaimer in the
00012 *       documentation and/or other materials provided with the distribution.
00013 *     * Neither the name of 
00014 *       Vintela, Inc., 
00015 *       nor Novell, Inc., 
00016 *       nor the names of its contributors or employees may be used to 
00017 *       endorse or promote products derived from this software without 
00018 *       specific prior written permission.
00019 * 
00020 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
00021 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
00022 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
00023 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
00024 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
00025 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
00026 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
00027 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
00028 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
00029 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
00030 * POSSIBILITY OF SUCH DAMAGE.
00031 *******************************************************************************/
00032 
00033 
00038 #ifndef BLOCXX_PATHSECURITY_HPP_INCLUDE_GUARD_
00039 #define BLOCXX_PATHSECURITY_HPP_INCLUDE_GUARD_
00040 
00041 #include "blocxx/BLOCXX_config.h"
00042 #include "blocxx/String.hpp"
00043 #ifdef BLOCXX_HAVE_SYS_STAT_H
00044 #include <sys/stat.h>
00045 #endif
00046 
00047 namespace BLOCXX_NAMESPACE
00048 {
00049 
/**
 * Result code type returned by getFileStatus().
 *
 * The numeric values are the ones the compiler assigned implicitly; they are
 * spelled out so the mapping stays stable if enumerators are ever reordered.
 * The per-enumerator meanings are inferred from the names only.
 * TODO confirm against the implementation.
 */
enum EFileStatusReturn
{
	E_FILE_OK        = 0,  // presumably: ownership and permissions acceptable
	E_FILE_BAD_OWNER = 1,  // presumably: file owned by an unexpected user
	E_FILE_BAD_OTHER = 2   // presumably: some other check on the file failed
};
00056 
00057 #ifdef BLOCXX_WIN32
00058 
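/*
 * POSIX-style permission and file-type macros for builds where the platform
 * headers do not supply them (this section is compiled only under
 * BLOCXX_WIN32).
 *
 * The permission bits are OCTAL. Written as decimal 400/200/100 with "/ 10"
 * to derive the group/other variants, the masks overlap (decimal 20 has the
 * bit for 04 set, decimal 400 and 200 share bit 0200), so a permission test
 * such as (mode & S_IWGRP) can be true for a file that is merely
 * world-readable. Octal literals shifted by three bits give each class its
 * own disjoint bits.
 */
#define S_IRUSR 0400      /* Read by owner.  */
#define S_IWUSR 0200      /* Write by owner.  */
#define S_IXUSR 0100      /* Execute by owner.  */
/* Read, write, and execute by owner.  */
#define S_IRWXU (S_IRUSR|S_IWUSR|S_IXUSR)

#define S_IRGRP (S_IRUSR >> 3)  /* Read by group.  */
#define S_IWGRP (S_IWUSR >> 3)  /* Write by group.  */
#define S_IXGRP (S_IXUSR >> 3)  /* Execute by group.  */
/* Read, write, and execute by group.  */
#define S_IRWXG (S_IRGRP|S_IWGRP|S_IXGRP)

#define S_IROTH (S_IRGRP >> 3)  /* Read by others.  */
#define S_IWOTH (S_IWGRP >> 3)  /* Write by others.  */
#define S_IXOTH (S_IXGRP >> 3)  /* Execute by others.  */
/* Read, write, and execute by others.  */
#define S_IRWXO (S_IROTH|S_IWOTH|S_IXOTH)

/*
 * NOTE(review): this literal is hexadecimal (0x1000 == 4096), whereas the
 * POSIX sticky bit is octal 01000. The value is left unchanged here; confirm
 * which was intended, and that 0x1000 cannot appear in st_mode for another
 * reason on this platform (it looks like a file-type bit in the Windows CRT).
 */
#define S_ISVTX 0x0001000        /* sticky bit */
/* The argument is parenthesised so that an expression can be passed safely. */
#define S_ISDIR(__PARM__) (_S_IFDIR & (__PARM__))
#define S_ISREG(__PARM__) (_S_IFREG & (__PARM__))
/* Link detection is not implemented: every file is reported as "not a link". */
#define S_ISLNK(__PARM__) (false)   /* TODO: implement link detection */

#ifndef ELOOP
#define ELOOP           40       /* Too many symbolic links encountered */
#endif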
00085 
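/*
 * Bit positions of a Windows ACCESS_MASK, named for use by the path-security
 * code. Bits 0-8 are the file-specific rights, bits 16-20 and 24 the standard
 * and system-security rights, bits 28-31 the generic rights.
 *
 * Every shift is done on an unsigned long operand. With a plain int operand,
 * "1<<31" shifts into the sign bit, and the negative result sign-extends when
 * unsigned long is wider than int, setting bits 32-63 as well.
 */
static const unsigned long BLOCXX_WIN32_ACCESSMASK_FILE_READ_DATA    = 1UL;
static const unsigned long BLOCXX_WIN32_ACCESSMASK_FILE_WRITE_DATA   = 1UL<<1;
static const unsigned long BLOCXX_WIN32_ACCESSMASK_FILE_APPEND_DATA  = 1UL<<2;
static const unsigned long BLOCXX_WIN32_ACCESSMASK_FILE_READ_EA      = 1UL<<3;
static const unsigned long BLOCXX_WIN32_ACCESSMASK_FILE_WRITE_EA     = 1UL<<4;
static const unsigned long BLOCXX_WIN32_ACCESSMASK_FILE_EXEC         = 1UL<<5;
static const unsigned long BLOCXX_WIN32_ACCESSMASK_FILE_DELETE_CHILD = 1UL<<6;
static const unsigned long BLOCXX_WIN32_ACCESSMASK_FILE_READ_ATTRS   = 1UL<<7;
static const unsigned long BLOCXX_WIN32_ACCESSMASK_FILE_WRITE_ATTRS  = 1UL<<8;

static const unsigned long BLOCXX_WIN32_ACCESSMASK_DELETE            = 1UL<<16;
static const unsigned long BLOCXX_WIN32_ACCESSMASK_READ_CONTROL      = 1UL<<17;
static const unsigned long BLOCXX_WIN32_ACCESSMASK_WRITE_DAC         = 1UL<<18;
static const unsigned long BLOCXX_WIN32_ACCESSMASK_WRITE_OWNER       = 1UL<<19;
static const unsigned long BLOCXX_WIN32_ACCESSMASK_SYNCHRONIZE       = 1UL<<20;
static const unsigned long BLOCXX_WIN32_ACCESSMASK_SYSSECURITY       = 1UL<<24;

static const unsigned long BLOCXX_WIN32_ACCESSMASK_GENERIC_ALL       = 1UL<<28;
static const unsigned long BLOCXX_WIN32_ACCESSMASK_GENERIC_EXEC      = 1UL<<29;
static const unsigned long BLOCXX_WIN32_ACCESSMASK_GENERIC_WRITE     = 1UL<<30;
static const unsigned long BLOCXX_WIN32_ACCESSMASK_GENERIC_READ      = 1UL<<31;

/*
 * Union of the rights this header treats as "can modify the file": generic
 * all/write, rewriting the DACL, and writing data, appended data, attributes
 * or extended attributes.
 *
 * NOTE(review): WRITE_OWNER, DELETE and FILE_DELETE_CHILD are not part of
 * this mask. A principal holding WRITE_OWNER can take ownership and then
 * rewrite the DACL, and the two delete rights allow the file to be removed
 * and replaced. Confirm that callers check those rights separately, or
 * consider whether they belong here.
 */
static const unsigned long BLOCXX_WIN32_ACCESSMASK_ALLOW_ANY_CHANGE  =
         BLOCXX_WIN32_ACCESSMASK_GENERIC_ALL |
         BLOCXX_WIN32_ACCESSMASK_GENERIC_WRITE |
         BLOCXX_WIN32_ACCESSMASK_WRITE_DAC |
         BLOCXX_WIN32_ACCESSMASK_FILE_WRITE_ATTRS |
         BLOCXX_WIN32_ACCESSMASK_FILE_WRITE_DATA |
         BLOCXX_WIN32_ACCESSMASK_FILE_APPEND_DATA |
         BLOCXX_WIN32_ACCESSMASK_FILE_WRITE_EA ;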
00116 
00117 
00118 #endif //ifdef BLOCXX_WIN32
00119 
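/*
 * Platform shims for link-aware file inspection.
 *
 *   LSTAT            - stat variant to call on a path
 *   READLINK         - read a link's target
 *   READLINK_ALLOWED - whether READLINK does anything on this platform
 *
 * NOTE(review): on NetWare and Windows, LSTAT maps to ::stat, S_ISLNK is
 * always false and READLINK is a constant 0. Code built on these shims
 * therefore performs no link detection on those platforms. Confirm that this
 * is acceptable for path-security checks on file systems that support links
 * or reparse points.
 */
#if defined(BLOCXX_NETWARE) || defined(BLOCXX_WIN32)
  #define LSTAT ::stat
  /*
   * Drop any earlier definition first: the BLOCXX_WIN32 section of this
   * header already defines S_ISLNK with a different parameter name and
   * replacement list, so redefining it without #undef is diagnosed by the
   * preprocessor.
   */
  #undef S_ISLNK
  #define S_ISLNK(x) false
  #define READLINK(path, buf, size) 0
  #define READLINK_ALLOWED false
#else
  #define LSTAT ::lstat
  #define READLINK(path, buf, size) ::readlink((path), (buf), (size))
  #define READLINK_ALLOWED true
#endif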
00130 
00131 
/**
 * Report whether a path is absolute.
 *
 * @param path The path to examine.
 * @return Presumably true when @a path is absolute; the exact rules (drive
 *         letters, UNC paths) are not visible in this header. TODO confirm.
 */
BLOCXX_COMMON_API bool isPathAbsolute(const String& path);

/**
 * Classify a file from stat data that the caller has already obtained.
 *
 * @param x            stat result for the file.
 * @param uid          User id to check against; presumably the expected
 *                     owner. TODO confirm.
 * @param is_full_path Meaning not visible in this header; presumably whether
 *                     @a path is the complete path rather than an
 *                     intermediate component. TODO confirm.
 * @param path         Path that @a x describes.
 * @return One of the EFileStatusReturn codes.
 *
 * NOTE(review): the verdict describes the file as it was when the caller
 * filled in @a x. If the path can be replaced between that stat call and the
 * later use of the file, the verdict no longer applies; callers should
 * re-check on the opened descriptor where the platform allows it.
 *
 * NOTE(review): unlike isPathAbsolute(), this declaration carries no
 * BLOCXX_COMMON_API export marker. Confirm that this is intentional.
 */
EFileStatusReturn getFileStatus(
	const struct stat& x,
	uid_t uid,
	bool is_full_path,
	const String& path);
00135 
00136 } // end namespace BLOCXX_NAMESPACE
00137 
00138 #endif