blocxx

PosixPathSecurity.cpp

00001 /*******************************************************************************
00002 * Copyright (C) 2005, Vintela, Inc. All rights reserved.
00003 * Copyright (C) 2006, Novell, Inc. All rights reserved.
00004 * 
00005 * Redistribution and use in source and binary forms, with or without
00006 * modification, are permitted provided that the following conditions are met:
00007 * 
00008 *     * Redistributions of source code must retain the above copyright notice,
00009 *       this list of conditions and the following disclaimer.
00010 *     * Redistributions in binary form must reproduce the above copyright
00011 *       notice, this list of conditions and the following disclaimer in the
00012 *       documentation and/or other materials provided with the distribution.
00013 *     * Neither the name of 
00014 *       Vintela, Inc., 
00015 *       nor Novell, Inc., 
00016 *       nor the names of its contributors or employees may be used to 
00017 *       endorse or promote products derived from this software without 
00018 *       specific prior written permission.
00019 * 
00020 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
00021 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
00022 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
00023 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
00024 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
00025 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
00026 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
00027 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
00028 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
00029 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
00030 * POSSIBILITY OF SUCH DAMAGE.
00031 *******************************************************************************/
00032 
00037 #include "blocxx/BLOCXX_config.h"
00038 #include "blocxx/PathSecurity.hpp"
00039 
00040 namespace BLOCXX_NAMESPACE
00041 {
00042 
// Reports whether a group id is on the short, build-specific list of
// groups that the path checks treat as trusted:
//   - gid 0 (root) on every platform,
//   - gid 3 (sys) on BLOCXX_SOLARIS builds,
//   - gid 80 (admin) on BLOCXX_DARWIN builds.
// Every other gid yields false. check_grp_oth() uses the answer to decide
// whether group write permission is tolerated on an entry.
inline bool group_ok(::gid_t gid)
{
   if (gid == 0) // root
   {
      return true;
   }
#ifdef BLOCXX_SOLARIS
   return gid == 3; // sys
#elif defined(BLOCXX_DARWIN)
   return gid == 80; // admin
#else
   return false;
#endif
}
00053 
// Returns true when the mode bits in x grant no write access that the
// path checks consider dangerous.
//   - World write (S_IWOTH) is always rejected.
//   - Group write (S_IWGRP) is rejected unless the owning group passes
//     group_ok(), i.e. is one of the trusted system groups.
// Only x.st_gid and x.st_mode are read; ownership by uid is not examined here.
inline bool check_grp_oth(struct stat const & x)
{
   ::mode_t forbidden = S_IWOTH;
   if (!group_ok(x.st_gid))
   {
      // Untrusted group: its write bit is as unwelcome as the world's.
      forbidden |= S_IWGRP;
   }
   return (x.st_mode & forbidden) == 0;
}
00059 
// Classifies one stat snapshot by who owns the entry and who may write to it.
//
// Returns
//   E_FILE_BAD_OWNER  when the owner is neither root (uid 0), the supplied
//                     uid, nor (HP-UX / AIX builds only) uid 2;
//   E_FILE_BAD_OTHER  when the owner is acceptable but check_grp_oth()
//                     fails and neither exemption below applies;
//   E_FILE_OK         otherwise.
//
// Exemptions from the group/other write check:
//   - symbolic links, whose mode bits are not examined at all (presumably
//     because a link's own permissions do not govern access to its target);
//   - directories with the sticky bit set, but only when full_path is false
//     (presumably x then describes an ancestor directory such as a shared
//     temp dir rather than the final path element -- confirm with callers).
//
// NOTE(review): S_ISLNK(x.st_mode) can only be true if x was filled by
// lstat(); stat() follows links. Confirm that callers use lstat().
// NOTE(review): the verdict describes the snapshot in x only; this function
// touches no filesystem state. Callers that act on the path afterwards
// presumably need their own protection against the entry being replaced in
// between -- verify against the callers.
//
// Hard links: an earlier version rejected files with more than one hard
// link. That is unnecessary, because permissions belong to the inode, not
// to the directory entries naming it, and unlinking an alternate name only
// removes that name; the file persists until its last link is gone.
EFileStatusReturn file_ok(struct stat const & x, ::uid_t uid, bool full_path)
{
   bool trustedOwner = (x.st_uid == 0) || (x.st_uid == uid);
#if defined(BLOCXX_HPUX) || defined(BLOCXX_AIX)
   // On HP-UX and AIX many system directories and files belong to the
   // bin user (uid 2), so that owner is accepted as well.
   trustedOwner = trustedOwner || (x.st_uid == 2);
#endif
   if (!trustedOwner)
   {
      return E_FILE_BAD_OWNER;
   }

   if (S_ISLNK(x.st_mode))
   {
      return E_FILE_OK;
   }
   if (check_grp_oth(x))
   {
      return E_FILE_OK;
   }

   // Writable by group/other: tolerated only for a sticky directory that
   // is not the full path being vetted.
   const bool stickyNonFinalDir =
      S_ISDIR(x.st_mode) && !full_path && (x.st_mode & S_ISVTX);
   return stickyNonFinalDir ? E_FILE_OK : E_FILE_BAD_OTHER;
}
00088 
// POSIX implementation of the file-status check: forwards the stat
// snapshot, the caller's uid and the is_full_path flag to file_ok() and
// returns its verdict unchanged.
// The path argument is not used by this implementation; the decision rests
// solely on the contents of x.
EFileStatusReturn getFileStatus(struct stat const & x, uid_t uid, bool is_full_path, const String& path)
{
   const EFileStatusReturn verdict = file_ok(x, uid, is_full_path);
   return verdict;
}
00093 
// Returns true when path begins with "/", false otherwise.
// This is a purely textual test: the path is not normalised and the
// filesystem is not consulted.
bool isPathAbsolute(String const & path)
{
   if (path.startsWith("/"))
   {
      return true;
   }
   return false;
}
00098 
00099 }  // end namespace BLOCXX_NAMESPACE