diff options
| author | Rob Landley <rob@landley.net> | 2015-05-28 01:43:47 -0500 |
|---|---|---|
| committer | Rob Landley <rob@landley.net> | 2015-05-28 01:43:47 -0500 |
| commit | 2d66e6a23822a500ecf6610411941e99127129c8 (patch) | |
| tree | a1742937f24691332b05ad2100cb2a816d575b8f | |
| parent | a65a7f4241f1cc9b4963a285e3a2137cffae62ad (diff) | |
| download | toybox-2d66e6a23822a500ecf6610411941e99127129c8.tar.gz | |
Attempt to fix the mkdir LSM race.
Doing a world writeable mkdir and _then_ adding a label seems like a race
window, so set the global "create stuff with these labels" context, then
do the creates.
| -rw-r--r-- | lib/lsm.h | 13 | ||||
| -rw-r--r-- | toys/posix/mkdir.c | 10 |
2 files changed, 15 insertions, 8 deletions
@@ -7,6 +7,7 @@ #include <selinux/selinux.h> #else #define is_selinux_enabled() 0 +#define setfscreatecon(...) (-1) #define getcon(...) (-1) #define getfilecon(...) (-1) #define lgetfilecon(...) (-1) @@ -27,6 +28,7 @@ #define smack_new_label_from_self(...) (-1) #define smack_new_label_from_path(...) (-1) #define smack_new_label_from_file(...) (-1) +#define smack_set_label_for_self(...) (-1) #define smack_set_label_for_path(...) (-1) #define smack_set_label_for_file(...) (-1) #endif @@ -58,6 +60,14 @@ static inline char *lsm_context(void) return ok ? result : strdup("?"); } +// Set default label to apply to newly created stuff (NULL to clear it) +static inline int lsm_set_create(char *context) +{ + if (CFG_TOYBOX_SMACK) return smack_set_label_for_self(context); + else return setfscreatecon(context); +} + +// Label a file, following symlinks static inline int lsm_set_context(char *filename, char *context) { if (CFG_TOYBOX_SMACK) @@ -65,6 +75,7 @@ static inline int lsm_set_context(char *filename, char *context) else return setfilecon(filename, context); } +// Label a file, don't follow symlinks static inline int lsm_lset_context(char *filename, char *context) { if (CFG_TOYBOX_SMACK) @@ -72,6 +83,7 @@ static inline int lsm_lset_context(char *filename, char *context) else return lsetfilecon(filename, context); } +// Label a file by filehandle static inline int lsm_fset_context(int file, char *context) { if (CFG_TOYBOX_SMACK) @@ -79,7 +91,6 @@ static inline int lsm_fset_context(int file, char *context) else return fsetfilecon(file, context); } - // returns -1 in case of error or else the length of the context */ // context can be NULL to get the length only */ static inline int lsm_get_context(char *filename, char **context) diff --git a/toys/posix/mkdir.c b/toys/posix/mkdir.c index 6e95e541..438e38ea 100644 --- a/toys/posix/mkdir.c +++ b/toys/posix/mkdir.c @@ -41,19 +41,15 @@ void mkdir_main(void) char **s; mode_t mode = (0777&~toys.old_umask); + if (CFG_MKDIR_Z && (toys.optflags&FLAG_Z)) + if (0>lsm_set_create(TT.arg_context)) + error_exit("bad -Z '%s'", TT.arg_context); if (TT.arg_mode) mode = string_to_mode(TT.arg_mode, 0777); // Note, -p and -v flags line up with mkpathat() flags - for (s=toys.optargs; *s; s++) { if (mkpathat(AT_FDCWD, *s, mode, toys.optflags|1)) perror_msg("'%s'", *s); - else if (CFG_MKDIR_Z && (toys.optflags & FLAG_Z)) { - if (lsm_set_context(*s, TT.arg_context)) { - rmdir(*s); - error_msg("'%s': bad -Z '%s'", *s, TT.arg_context); - } - } } } |