commit
badbf2ff98
14
src/main.c
14
src/main.c
@ -10,6 +10,8 @@
|
||||
See the file LICENSE.
|
||||
*/
|
||||
|
||||
#include <sys/types.h>
|
||||
#include <unistd.h>
|
||||
#define FUSE_USE_VERSION 31
|
||||
|
||||
#define _GNU_SOURCE
|
||||
@ -28,17 +30,17 @@ const char *mountpoint = NULL;
|
||||
int main(int argc, char *argv[]) {
|
||||
umask(0);
|
||||
|
||||
mountpoint = realpath(argv[argc - 1], NULL);
|
||||
|
||||
int ret = source_init(mountpoint);
|
||||
int ret = init_ui_socket();
|
||||
if (ret != 0) {
|
||||
perror("source_init");
|
||||
fprintf(stderr, "Could not initalize ui-socket.\n");
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
|
||||
ret = init_ui_socket();
|
||||
mountpoint = realpath(argv[argc - 1], NULL);
|
||||
|
||||
ret = source_init(mountpoint);
|
||||
if (ret != 0) {
|
||||
fprintf(stderr, "Could not initalize ui-socket.\n");
|
||||
perror("source_init");
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
|
||||
|
||||
@ -1,10 +1,24 @@
|
||||
/*
|
||||
ICFS: Interactively Controlled File System
|
||||
Copyright (C) 2024-2025 Fedir Kovalov
|
||||
|
||||
This program can be distributed under the terms of the GNU GPLv2.
|
||||
See the file LICENSE.
|
||||
*/
|
||||
|
||||
#include "perm_permissions_table.h"
|
||||
#include "process_info.h"
|
||||
#include <fcntl.h>
|
||||
#include <pthread.h>
|
||||
#include <sqlite3.h>
|
||||
#include <stddef.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/fsuid.h>
|
||||
#include <sys/stat.h>
|
||||
#include <sys/types.h>
|
||||
#include <unistd.h>
|
||||
|
||||
sqlite3 *perm_database = NULL;
|
||||
const char *const table_name = "permissions";
|
||||
@ -12,6 +26,38 @@ const char *const table_name = "permissions";
|
||||
const int column_count = 2;
|
||||
const char *const schema[] = {"executable", "filename"};
|
||||
const char *const types[] = {"TEXT", "TEXT"};
|
||||
uid_t ruid, euid, current_pid;
|
||||
pthread_mutex_t uid_switch = PTHREAD_MUTEX_INITIALIZER;
|
||||
|
||||
void set_db_fsuid() {
|
||||
pthread_mutex_lock(&uid_switch);
|
||||
if (current_pid == ruid)
|
||||
return;
|
||||
|
||||
int status = -1;
|
||||
|
||||
status = setfsuid(ruid);
|
||||
if (status < 0) {
|
||||
fprintf(stderr, "Couldn't set uid to %d.\n", ruid);
|
||||
exit(status);
|
||||
}
|
||||
pthread_mutex_unlock(&uid_switch);
|
||||
}
|
||||
|
||||
void set_real_fsuid() {
|
||||
pthread_mutex_lock(&uid_switch);
|
||||
if (current_pid == ruid)
|
||||
return;
|
||||
|
||||
int status = -1;
|
||||
|
||||
status = setfsuid(ruid);
|
||||
if (status < 0) {
|
||||
fprintf(stderr, "Couldn't set uid to %d.\n", euid);
|
||||
exit(status);
|
||||
}
|
||||
pthread_mutex_unlock(&uid_switch);
|
||||
}
|
||||
|
||||
static int check_table_col_schema(void *notused, int argc, char **argv,
|
||||
char **colname) {
|
||||
@ -21,15 +67,16 @@ static int check_table_col_schema(void *notused, int argc, char **argv,
|
||||
fprintf(stderr, "Unexpected amount of arguments given to the callback.\n");
|
||||
return 1;
|
||||
}
|
||||
int i = atoi(argv[0]);
|
||||
if (i >= column_count) {
|
||||
int column_num = atoi(argv[0]);
|
||||
if (column_num >= column_count) {
|
||||
fprintf(stderr, "Table contains more columns than expected.\n");
|
||||
return 1;
|
||||
}
|
||||
if (strcmp(schema[i], argv[1]) == 0 && strcmp(types[i], argv[2]) == 0) {
|
||||
if (strcmp(schema[column_num], argv[1]) == 0 &&
|
||||
strcmp(types[column_num], argv[2]) == 0) {
|
||||
return 0;
|
||||
}
|
||||
fprintf(stderr, "Column %d does not conform to the schema.\n", i);
|
||||
fprintf(stderr, "Column %d does not conform to the schema.\n", column_num);
|
||||
return 1;
|
||||
}
|
||||
|
||||
@ -101,14 +148,28 @@ int ensure_database_schema() {
|
||||
* @return: 0 on success, -1 on failure
|
||||
*/
|
||||
int init_perm_permissions_table(const char *db_filename) {
|
||||
// we don't want the group and others to access the db
|
||||
umask(0077);
|
||||
ruid = getuid();
|
||||
euid = geteuid();
|
||||
fprintf(stderr, "Running with uid: %d, gid: %d\n", euid, getegid());
|
||||
|
||||
if (sqlite3_open(db_filename, &perm_database)) {
|
||||
perror("Can't open permanent permissions database:");
|
||||
return -1;
|
||||
}
|
||||
umask(0);
|
||||
if (ensure_database_schema()) {
|
||||
fprintf(stderr, "Database schema is not correct.\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
int status = seteuid(ruid);
|
||||
if (status < 0) {
|
||||
fprintf(stderr, "Couldn't set euid to ruid during database setup.\n");
|
||||
exit(status);
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
@ -1,3 +1,10 @@
|
||||
/*
|
||||
ICFS: Interactively Controlled File System
|
||||
Copyright (C) 2024-2025 Fedir Kovalov
|
||||
|
||||
This program can be distributed under the terms of the GNU GPLv2.
|
||||
See the file LICENSE.
|
||||
*/
|
||||
|
||||
#ifndef PERM_PERMISSION_TABLE_H
|
||||
#define PERM_PERMISSION_TABLE_H
|
||||
|
||||
@ -1,3 +1,10 @@
|
||||
/*
|
||||
ICFS: Interactively Controlled File System
|
||||
Copyright (C) 2024-2025 Fedir Kovalov
|
||||
|
||||
This program can be distributed under the terms of the GNU GPLv2.
|
||||
See the file LICENSE.
|
||||
*/
|
||||
|
||||
#ifndef PROCESS_INFO_H
|
||||
#define PROCESS_INFO_H
|
||||
|
||||
@ -33,6 +33,8 @@ int source_init(const char *root_path) {
|
||||
int root_fd = open(root_path, O_PATH);
|
||||
|
||||
if (root_fd == -1) {
|
||||
fprintf(stderr, "Could not initialize source file system at %s", root_path);
|
||||
perror("");
|
||||
return -1;
|
||||
}
|
||||
|
||||
|
||||
@ -16,9 +16,23 @@ PATH="$(realpath ./mock/):$PATH"
|
||||
# mount the filesystem
|
||||
|
||||
echo "Run $(date -u +%Y-%m-%dT%H:%M:%S) "
|
||||
valgrind -s ../build/icfs -o default_permissions ./protected &
|
||||
if [[ $1 == "--setuid" ]]; then
|
||||
echo "Setting the setuid bit..."
|
||||
echo "root privilieges are required to create a special user and set correct ownership of the executable."
|
||||
id -u icfs &>/dev/null || sudo useradd --system --user-group icfs
|
||||
sudo chown icfs: ../build/icfs && sudo chmod 4777 ../build/icfs
|
||||
chmod g+w . # needed for icfs to be able to create the database
|
||||
echo "Valgrind will not be used due to setuid compatibility issues."
|
||||
../build/icfs -o default_permissions ./protected &
|
||||
sleep 1
|
||||
else
|
||||
echo "Database protection will not be tested due to the lack of setuid capabilites."
|
||||
echo "To test it, run this script with '--setuid'."
|
||||
valgrind -s ../build/icfs -o default_permissions ./protected &
|
||||
sleep 5
|
||||
fi
|
||||
|
||||
sleep 5
|
||||
#valgrind -s ../build/icfs -o default_permissions ./protected &
|
||||
|
||||
# WARN: please don't use `>` or `>>` operators. They force **this script** to open the file, **not the program you are trying to run**. This is probably not what you mean when you want to test a specific program's access.
|
||||
# WARN: avoid using touch, since it generates errors because setting times is not implemented in icfs **yet**.
|
||||
@ -105,6 +119,13 @@ cat ./protected/motto >/dev/null 2>/dev/null &&
|
||||
echo "[ICFS-TEST]: OK" ||
|
||||
echo "[ICFS-TEST]: echo cannot read protected/motto despite access being permitted!" # OK
|
||||
|
||||
# test database access
|
||||
if [[ -r "./.pt.db" || -w "./.pt.db" ]]; then
|
||||
echo "[ICFS-TEST]: permanent permissions is accessible!"
|
||||
else
|
||||
echo "[ICFS-TEST]: OK"
|
||||
fi
|
||||
|
||||
# unmount
|
||||
|
||||
sleep 0.5
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user