Compare commits
22 Commits
8cb7721e39
...
new-dialog
| Author | SHA1 | Date | |
|---|---|---|---|
78e108d0d4
|
|||
|
b4149ac425
|
|||
|
6065a0c20a
|
|||
|
15fa0fe193
|
|||
|
801a7cdb39
|
|||
|
22b091f017
|
|||
|
fd2144a1f9
|
|||
|
420f34a7f3
|
|||
|
4539df9842
|
|||
|
e32ce5add5
|
|||
|
4f98a4834e
|
|||
|
8a530b493c
|
|||
|
c4ae40c7bd
|
|||
|
ecedbbb4ce
|
|||
|
10d2988761
|
|||
|
f4576cf7ea
|
|||
|
a2eeb81fed
|
|||
|
3a89449c32
|
|||
|
ac1d7c1535
|
|||
|
112d514f59
|
|||
|
d367d6ffe7
|
|||
|
82f66a1df3
|
10
.gitignore
vendored
10
.gitignore
vendored
@@ -2,7 +2,13 @@ build/*
|
||||
.clang-tidy
|
||||
.cache
|
||||
test/protected/*
|
||||
test/.pt.db
|
||||
compile_commands.json
|
||||
test/perf*
|
||||
test/callgraph*
|
||||
test/openers
|
||||
test/opener/opener
|
||||
test/opener/opener.o
|
||||
test/.*
|
||||
*compile_commands.json
|
||||
src/gui/ui/*
|
||||
src/gui/*.o
|
||||
src/gui/icfs_dialogue
|
||||
|
||||
41
Makefile
41
Makefile
@@ -2,9 +2,17 @@ SHELL=/bin/bash
|
||||
|
||||
# configurable options
|
||||
|
||||
SOURCES_DIR := ./src
|
||||
TESTS_DIR := ./tests
|
||||
BUILD_DIR := ./build
|
||||
ifndef ($(SOURCES_DIR))
|
||||
SOURCES_DIR := ./src
|
||||
endif
|
||||
|
||||
ifndef ($(TESTS_DIR))
|
||||
TESTS_DIR := ./tests
|
||||
endif
|
||||
|
||||
ifndef ($(BUILD_DIR))
|
||||
BUILD_DIR := ./build
|
||||
endif
|
||||
|
||||
CC := gcc
|
||||
CXX := g++
|
||||
@@ -49,14 +57,20 @@ ifeq ($(TEST), 1)
|
||||
TARGETS += icfs_test
|
||||
endif
|
||||
|
||||
ifneq ($(DIALOGUE), 0)
|
||||
TARGETS += $(BUILD_DIR)/icfs_dialogue
|
||||
endif
|
||||
|
||||
# build!
|
||||
|
||||
default: $(TARGETS)
|
||||
|
||||
.PHONY: clean
|
||||
.PHONY: clean icfs_test clean-icfs clean-icfs_dialogue
|
||||
|
||||
$(BUILD_DIR)/icfs: $(BUILD_DIR)/main.o $(BUILD_DIR)/fuse_operations.o $(BUILD_DIR)/sourcefs.o $(BUILD_DIR)/ui-socket.o $(BUILD_DIR)/temp_permissions_table.o $(BUILD_DIR)/perm_permissions_table.o
|
||||
$(BUILD_DIR)/icfs_dialogue:
|
||||
make -C $(SOURCES_DIR)/gui TEST=$(TEST) DEBUG=$(shell realpath $(DEBUG)) SOURCES_DIR=$(shell realpath $(SOURCES_DIR)/gui) BUILD_DIR=$(shell realpath $(BUILD_DIR)) TESTS_DIR=$(shell realpath $(TESTS_DIR))
|
||||
|
||||
$(BUILD_DIR)/icfs: $(BUILD_DIR)/main.o $(BUILD_DIR)/fuse_operations.o $(BUILD_DIR)/sourcefs.o $(BUILD_DIR)/ui-socket.o $(BUILD_DIR)/temp_permissions_table.o $(BUILD_DIR)/perm_permissions_table.o $(BUILD_DIR)/proc_operations.o
|
||||
$(CC) $(CFLAGS) $^ $(LDFLAGS) -o $(BUILD_DIR)/icfs
|
||||
|
||||
icfs_test: $(BUILD_DIR)/icfs
|
||||
@@ -83,6 +97,19 @@ $(BUILD_DIR)/temp_permissions_table.o: $(SOURCES_DIR)/temp_permissions_table.c $
|
||||
$(BUILD_DIR)/perm_permissions_table.o: $(SOURCES_DIR)/perm_permissions_table.c $(SOURCES_DIR)/perm_permissions_table.h
|
||||
$(CC) $(CFLAGS) -c $< $(LDFLAGS) -o $@
|
||||
|
||||
$(BUILD_DIR)/proc_operations.o: $(SOURCES_DIR)/proc_operations.c $(SOURCES_DIR)/proc_operations.h
|
||||
$(CC) $(CFLAGS) -c $< $(LDFLAGS) -o $@
|
||||
|
||||
clean:
|
||||
rm $(BUILD_DIR)/*.o $(BUILD_DIR)/icfs*
|
||||
CLEAN_TARGETS=clean-icfs
|
||||
|
||||
ifneq ($(DIALOGUE), 0)
|
||||
CLEAN_TARGETS += clean-icfs_dialogue
|
||||
endif
|
||||
|
||||
clean: $(CLEAN_TARGETS)
|
||||
|
||||
clean-icfs:
|
||||
rm $(BUILD_DIR)/*.o $(BUILD_DIR)/icfs
|
||||
|
||||
clean-icfs_dialogue:
|
||||
make -C $(SOURCES_DIR)/gui clean SOURCES_DIR=$(shell realpath $(SOURCES_DIR)/gui) BUILD_DIR=$(shell realpath $(BUILD_DIR)) TESTS_DIR=$(shell realpath $(TESTS_DIR))
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
#ifndef ACCESS_T_H
|
||||
#define ACCESS_T_H
|
||||
|
||||
typedef enum { DENY, ALLOW, ALLOW_TEMP, NDEF } access_t;
|
||||
typedef enum { DENY, ALLOW, ALLOW_TEMP, DENY_TEMP, NDEF } access_t;
|
||||
|
||||
#endif // !ACCESS_T_H
|
||||
|
||||
@@ -39,63 +39,10 @@
|
||||
#include <sys/file.h> /* flock(2) */
|
||||
|
||||
#include "fuse_operations.h"
|
||||
#include "proc_operations.h"
|
||||
#include "sourcefs.h"
|
||||
#include "ui-socket.h"
|
||||
|
||||
char *get_process_name_by_pid(const int pid) {
|
||||
char path[1024];
|
||||
sprintf(path, "/proc/%d/exe", pid);
|
||||
|
||||
char *name = realpath(path, NULL);
|
||||
if (name == NULL) {
|
||||
fprintf(stderr, "Could not get process name by pid %d", pid);
|
||||
perror("");
|
||||
}
|
||||
|
||||
/*
|
||||
size_t namelen = 32;
|
||||
ssize_t readret = 0;
|
||||
char *name = NULL;
|
||||
while (namelen >= (size_t)readret && readret > 0) {
|
||||
namelen *= 2;
|
||||
name = calloc(namelen, sizeof(char));
|
||||
if (name == NULL) {
|
||||
free(path);
|
||||
fprintf(stderr, "Could not get get process name by pid %d", pid);
|
||||
perror("");
|
||||
return NULL;
|
||||
}
|
||||
readret = readlink(path, name, namelen);
|
||||
if (readret < 0) {
|
||||
free(name);
|
||||
free(path);
|
||||
fprintf(stderr, "Couldn't get process name by pid %d", pid);
|
||||
perror("");
|
||||
return NULL;
|
||||
}
|
||||
if (namelen >= (size_t)readret) {
|
||||
free(name);
|
||||
}
|
||||
}
|
||||
*/
|
||||
|
||||
return name;
|
||||
|
||||
/*
|
||||
FILE *file = fopen(path, "r");
|
||||
if (file) {
|
||||
size_t size = 0;
|
||||
size = fread(path, sizeof(char), 1024, file);
|
||||
if (size > 0) {
|
||||
if ('\n' == path[size - 1]) {
|
||||
path[size - 1] = '\0';
|
||||
}
|
||||
}
|
||||
fclose(file);
|
||||
}
|
||||
*/
|
||||
}
|
||||
|
||||
static void *xmp_init(struct fuse_conn_info *conn, struct fuse_config *cfg) {
|
||||
(void)conn;
|
||||
cfg->use_ino = 1;
|
||||
|
||||
@@ -2,9 +2,17 @@ SHELL=/bin/bash
|
||||
|
||||
# configurable options
|
||||
|
||||
SOURCES_DIR := .
|
||||
TESTS_DIR := .
|
||||
BUILD_DIR := .
|
||||
ifndef ($(SOURCES_DIR))
|
||||
SOURCES_DIR := .
|
||||
endif
|
||||
|
||||
ifndef ($(TESTS_DIR))
|
||||
TESTS_DIR := .
|
||||
endif
|
||||
|
||||
ifndef ($(BUILD_DIR))
|
||||
BUILD_DIR := .
|
||||
endif
|
||||
|
||||
CC := gcc
|
||||
CXX := g++
|
||||
@@ -43,10 +51,10 @@ endif
|
||||
|
||||
# set up targets
|
||||
|
||||
TARGETS := $(BUILD_DIR)/zenity
|
||||
TARGETS := $(BUILD_DIR)/icfs_dialogue
|
||||
|
||||
ifeq ($(TEST), 1)
|
||||
TARGETS += zenity_test
|
||||
TARGETS += icfs_dialogue_test
|
||||
endif
|
||||
|
||||
|
||||
@@ -54,16 +62,16 @@ endif
|
||||
|
||||
default: $(TARGETS)
|
||||
|
||||
.PHONY: clean zenity_test
|
||||
.PHONY: clean icfs_dialogue_test
|
||||
|
||||
zenity_test: $(BUILD_DIR)/zenity
|
||||
./zenity 666 cat /home/fedir Downloads
|
||||
icfs_dialogue_test: $(BUILD_DIR)/icfs_dialogue
|
||||
$(BUILD_DIR)/icfs_dialogue 666 cat /home/fedir /Downloads
|
||||
|
||||
$(BUILD_DIR)/zenity: $(BUILD_DIR)/zenity.o
|
||||
$(CC) $(CFLAGS) $^ $(LDFLAGS) -o $(BUILD_DIR)/zenity
|
||||
$(BUILD_DIR)/icfs_dialogue: $(BUILD_DIR)/icfs_dialogue.o
|
||||
$(CC) $(CFLAGS) $^ $(LDFLAGS) -o $(BUILD_DIR)/icfs_dialogue
|
||||
|
||||
$(BUILD_DIR)/zenity.o: $(SOURCES_DIR)/zenity-clone.c
|
||||
$(CC) $(CFLAGS) -c $< $(LDFLAGS) -o $(BUILD_DIR)/zenity.o
|
||||
$(BUILD_DIR)/icfs_dialogue.o: $(SOURCES_DIR)/icfs_dialogue.c
|
||||
$(CC) $(CFLAGS) -c $< $(LDFLAGS) -o $(BUILD_DIR)/icfs_dialogue.o
|
||||
|
||||
clean:
|
||||
rm $(BUILD_DIR)/*.o $(BUILD_DIR)/zenity
|
||||
rm $(BUILD_DIR)/*.o $(BUILD_DIR)/icfs_dialogue
|
||||
|
||||
@@ -16,7 +16,7 @@ gboolean is_permanent = false;
|
||||
GtkEntryBuffer *entry_buffer = NULL;
|
||||
GtkWidget *checkbox = NULL;
|
||||
|
||||
static void negative_response(GtkWindow *window) {
|
||||
static void positive_response(GtkWindow *window) {
|
||||
fprintf(stdout, "%s", gtk_entry_buffer_get_text(entry_buffer));
|
||||
exit_code = (gtk_check_button_get_active(GTK_CHECK_BUTTON(checkbox)))
|
||||
? YES | PERM
|
||||
@@ -24,7 +24,7 @@ static void negative_response(GtkWindow *window) {
|
||||
gtk_window_close(window);
|
||||
}
|
||||
|
||||
static void positive_response(GtkWindow *window) {
|
||||
static void negative_response(GtkWindow *window) {
|
||||
fprintf(stdout, "%s", gtk_entry_buffer_get_text(entry_buffer));
|
||||
exit_code = (gtk_check_button_get_active(GTK_CHECK_BUTTON(checkbox)))
|
||||
? NO | PERM
|
||||
@@ -138,8 +138,13 @@ static int on_command_line(GApplication *app, GApplicationCommandLine *cmdline,
|
||||
}
|
||||
|
||||
int main(int argc, char **argv) {
|
||||
|
||||
if (argc == 2 && strcmp(argv[1], "--version") == 0) {
|
||||
fprintf(stdout, "icfs_dialogue 1.0.0");
|
||||
}
|
||||
|
||||
// Create a new application
|
||||
AdwApplication *app = adw_application_new("com.example.zenityclone",
|
||||
AdwApplication *app = adw_application_new("de.umbrasolis.icfs_dialogue",
|
||||
G_APPLICATION_HANDLES_COMMAND_LINE);
|
||||
|
||||
g_signal_connect(app, "command-line", G_CALLBACK(on_command_line), NULL);
|
||||
@@ -8,7 +8,9 @@
|
||||
|
||||
#include "perm_permissions_table.h"
|
||||
#include "access_t.h"
|
||||
#include "proc_operations.h"
|
||||
#include "process_info.h"
|
||||
#include "set_mode_t.h"
|
||||
#include <fcntl.h>
|
||||
#include <pthread.h>
|
||||
#include <sqlite3.h>
|
||||
@@ -83,10 +85,21 @@ static int check_table_col_schema(void *notused, int argc, char **argv,
|
||||
}
|
||||
|
||||
static int set_flag(void *flag, int argc, char **argv, char **colname) {
|
||||
(void)argc;
|
||||
(void)argv;
|
||||
(void)colname;
|
||||
|
||||
if (argc < 3) {
|
||||
fprintf(stderr,
|
||||
"Unexpected amount of arguments given to the callback: %d.\n",
|
||||
argc);
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (atoi(argv[2])) {
|
||||
fprintf(stderr, "Third column was: %s\n", argv[2]);
|
||||
*(int *)flag = 1;
|
||||
} else {
|
||||
*(int *)flag = -1;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -182,7 +195,7 @@ int init_perm_permissions_table(const char *db_filename) {
|
||||
/**
|
||||
* Destroys the permanent permissions table.
|
||||
*/
|
||||
void destroy_perm_permissions_table() { sqlite3_close(perm_database); }
|
||||
void destroy_perm_permissions_table(void) { sqlite3_close(perm_database); }
|
||||
|
||||
/**
|
||||
* Checks if the process has a permanent access to the file.
|
||||
@@ -192,13 +205,16 @@ void destroy_perm_permissions_table() { sqlite3_close(perm_database); }
|
||||
* @return: access status - ALLOW, DENY or NDEF in case if no information was
|
||||
* found
|
||||
*/
|
||||
access_t check_perm_access(const char *filename, struct process_info pi) {
|
||||
access_t check_perm_access_noparent(const char *filename,
|
||||
struct process_info pi) {
|
||||
|
||||
char *query = NULL;
|
||||
int ret = asprintf(&query,
|
||||
"SELECT * FROM %s WHERE executable = \'%s\' "
|
||||
"AND filename = \'%s\' AND mode = TRUE;",
|
||||
table_name, pi.name, filename);
|
||||
"AND ((\'%s\' LIKE CONCAT(filename, \'%%\') AND filename "
|
||||
"GLOB \'*/\') OR filename = \'%s\');",
|
||||
table_name, pi.name, filename, filename);
|
||||
fprintf(stderr, "query: %s\n", query);
|
||||
|
||||
if (ret < 0) {
|
||||
// If asprintf fails, the contents of query are undefined (see man
|
||||
@@ -220,9 +236,51 @@ access_t check_perm_access(const char *filename, struct process_info pi) {
|
||||
return NDEF;
|
||||
}
|
||||
|
||||
if (flag) {
|
||||
if (flag == 1) {
|
||||
return ALLOW;
|
||||
}
|
||||
if (flag == -1) {
|
||||
return DENY;
|
||||
}
|
||||
return NDEF;
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks if the process or any of it's parents have permanent access to the
|
||||
* file.
|
||||
*
|
||||
* @param filename: The file that the process is trying to access
|
||||
* @pram pi: The process information
|
||||
* @return: access status - ALLOW, DENY or NDEF in case if no information was
|
||||
* found. Does not return ALLOW_TEMP or DENY_TEMP.
|
||||
* @note: In case one of the parent processes is killed while this function
|
||||
* execution the result is not guranteed to be correct. It should only lead to
|
||||
* false negatives, though.
|
||||
*/
|
||||
access_t check_perm_access(const char *filename, struct process_info pi) {
|
||||
if (pi.PID == 0) {
|
||||
return NDEF;
|
||||
}
|
||||
|
||||
struct process_info current_pi = pi;
|
||||
current_pi.name = strdup(current_pi.name);
|
||||
while (current_pi.PID != 0) {
|
||||
access_t access = check_perm_access_noparent(filename, current_pi);
|
||||
free(current_pi.name);
|
||||
if (access != NDEF) {
|
||||
return access;
|
||||
}
|
||||
current_pi.name = NULL;
|
||||
while (current_pi.name == NULL) {
|
||||
current_pi.PID = get_parent_pid(current_pi.PID);
|
||||
if (current_pi.PID != 0) {
|
||||
current_pi.name = get_process_name_by_pid(current_pi.PID);
|
||||
} else {
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return NDEF;
|
||||
}
|
||||
|
||||
@@ -233,10 +291,19 @@ access_t check_perm_access(const char *filename, struct process_info pi) {
|
||||
* @param pi: The process information
|
||||
* @return: 0 on success, 1 on failure
|
||||
*/
|
||||
int give_perm_access(const char *filename, struct process_info pi) {
|
||||
int set_perm_access(const char *filename, struct process_info pi,
|
||||
set_mode_t mode) {
|
||||
char *query = NULL;
|
||||
int ret = asprintf(&query, "INSERT INTO %s VALUES (\'%s\', \'%s\', TRUE);",
|
||||
int ret = -1;
|
||||
if (mode == SET_ALLOW) {
|
||||
ret = asprintf(&query, "INSERT INTO %s VALUES (\'%s\', \'%s\', TRUE);",
|
||||
table_name, pi.name, filename);
|
||||
} else if (mode == SET_DENY) {
|
||||
ret = asprintf(&query, "INSERT INTO %s VALUES (\'%s\', \'%s\', FALSE);",
|
||||
table_name, pi.name, filename);
|
||||
} else {
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (ret < 0) {
|
||||
// If asprintf fails, the contents of query are undefined (see man
|
||||
|
||||
@@ -11,6 +11,7 @@
|
||||
|
||||
#include "access_t.h"
|
||||
#include "process_info.h"
|
||||
#include "set_mode_t.h"
|
||||
|
||||
/**
|
||||
* Initializes the permanent permissions table.
|
||||
@@ -40,8 +41,11 @@ access_t check_perm_access(const char *filename, struct process_info pi);
|
||||
*
|
||||
* @param filename: The file that the process is trying to access
|
||||
* @param pi: The process information
|
||||
* @param mode: Kind of access rule to be set - SET_DENY to deny access, and
|
||||
* SET_ALLOW to allow access.
|
||||
* @return: 0 on success, -1 on failure
|
||||
*/
|
||||
int give_perm_access(const char *filename, struct process_info pi);
|
||||
int set_perm_access(const char *filename, struct process_info pi,
|
||||
set_mode_t mode);
|
||||
|
||||
#endif // #ifdef PERM_PERMISSION_TABLE_H
|
||||
|
||||
45
src/proc_operations.c
Normal file
45
src/proc_operations.c
Normal file
@@ -0,0 +1,45 @@
|
||||
#include "proc_operations.h"
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
|
||||
char *get_process_name_by_pid(const int pid) {
|
||||
char path[1024];
|
||||
sprintf(path, "/proc/%d/exe", pid);
|
||||
|
||||
char *name = realpath(path, NULL);
|
||||
if (name == NULL) {
|
||||
fprintf(stderr, "Could not get process name by pid %d", pid);
|
||||
perror("");
|
||||
}
|
||||
return name;
|
||||
}
|
||||
|
||||
/**
|
||||
* Finds the parent process ID of a given process.
|
||||
*
|
||||
* @param pid: The process ID of the process to find the parent of
|
||||
* @return: The parent process ID, or 0 if the parent process ID could not be
|
||||
* found
|
||||
*/
|
||||
pid_t get_parent_pid(pid_t pid) {
|
||||
pid_t ppid = 0;
|
||||
char path[256];
|
||||
snprintf(path, sizeof(path), "/proc/%u/status", pid);
|
||||
|
||||
FILE *file = fopen(path, "r");
|
||||
if (file == NULL) {
|
||||
perror("Failed to open /proc/<pid>/status");
|
||||
return 0;
|
||||
}
|
||||
|
||||
char line[256];
|
||||
while (fgets(line, sizeof(line), file)) {
|
||||
if (sscanf(line, "PPid:\t%d", &ppid) == 1) {
|
||||
fclose(file);
|
||||
return ppid;
|
||||
}
|
||||
}
|
||||
|
||||
fclose(file);
|
||||
return 0; // Parent PID not found
|
||||
}
|
||||
17
src/proc_operations.h
Normal file
17
src/proc_operations.h
Normal file
@@ -0,0 +1,17 @@
|
||||
#ifndef PROC_OPERATIONS
|
||||
#define PROC_OPERATIONS
|
||||
|
||||
#include <time.h>
|
||||
|
||||
char *get_process_name_by_pid(const int pid);
|
||||
|
||||
/**
|
||||
* Finds the parent process ID of a given process.
|
||||
*
|
||||
* @param pid: The process ID of the process to find the parent of
|
||||
* @return: The parent process ID, or 0 if the parent process ID could not be
|
||||
* found
|
||||
*/
|
||||
pid_t get_parent_pid(pid_t pid);
|
||||
|
||||
#endif // !PROC_OPERATIONS
|
||||
5
src/set_mode_t.h
Normal file
5
src/set_mode_t.h
Normal file
@@ -0,0 +1,5 @@
|
||||
|
||||
#ifndef SET_MODE_T_H
|
||||
#define SET_MODE_T_H
|
||||
typedef enum { SET_DENY, SET_ALLOW } set_mode_t;
|
||||
#endif // !SET_MODE_T_H
|
||||
@@ -9,9 +9,12 @@
|
||||
#include "temp_permissions_table.h"
|
||||
#include "access_t.h"
|
||||
#include "cc.h"
|
||||
#include "proc_operations.h"
|
||||
#include "process_info.h"
|
||||
#include <pthread.h>
|
||||
#include <stddef.h>
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <sys/types.h>
|
||||
|
||||
struct temp_process_permissions {
|
||||
@@ -126,14 +129,23 @@ access_t check_temp_access_noparent(const char *filename, pid_t pid) {
|
||||
if (process_creation_time == permission_entry->creation_time) {
|
||||
// the process is the same as the one that was granted temporary access
|
||||
// to the file
|
||||
size_t filename_len = strlen(filename);
|
||||
for_each(&permission_entry->denied_files, denied_file) {
|
||||
if (strncmp(*denied_file, filename, strlen(filename)) == 0) {
|
||||
size_t denied_file_len = strlen(*denied_file);
|
||||
if (strncmp(*denied_file, filename, denied_file_len) == 0 &&
|
||||
((denied_file_len < filename_len &&
|
||||
(*denied_file)[denied_file_len - 1] == '/') ||
|
||||
(denied_file_len == filename_len))) {
|
||||
pthread_mutex_unlock(&temp_permissions_table_lock);
|
||||
return DENY;
|
||||
}
|
||||
}
|
||||
for_each(&permission_entry->allowed_files, allowed_file) {
|
||||
if (strncmp(*allowed_file, filename, strlen(filename)) == 0) {
|
||||
size_t allowed_file_len = strlen(*allowed_file);
|
||||
if (strncmp(*allowed_file, filename, allowed_file_len) == 0 &&
|
||||
((allowed_file_len < filename_len &&
|
||||
(*allowed_file)[allowed_file_len - 1] == '/') ||
|
||||
(allowed_file_len == filename_len))) {
|
||||
pthread_mutex_unlock(&temp_permissions_table_lock);
|
||||
return ALLOW;
|
||||
}
|
||||
@@ -144,36 +156,6 @@ access_t check_temp_access_noparent(const char *filename, pid_t pid) {
|
||||
return NDEF;
|
||||
}
|
||||
|
||||
/**
|
||||
* Finds the parent process ID of a given process.
|
||||
*
|
||||
* @param pid: The process ID of the process to find the parent of
|
||||
* @return: The parent process ID, or 0 if the parent process ID could not be
|
||||
* found
|
||||
*/
|
||||
pid_t get_parent_pid(pid_t pid) {
|
||||
pid_t ppid = 0;
|
||||
char path[256];
|
||||
snprintf(path, sizeof(path), "/proc/%u/status", pid);
|
||||
|
||||
FILE *file = fopen(path, "r");
|
||||
if (file == NULL) {
|
||||
perror("Failed to open /proc/<pid>/status");
|
||||
return 0;
|
||||
}
|
||||
|
||||
char line[256];
|
||||
while (fgets(line, sizeof(line), file)) {
|
||||
if (sscanf(line, "PPid:\t%d", &ppid) == 1) {
|
||||
fclose(file);
|
||||
return ppid;
|
||||
}
|
||||
}
|
||||
|
||||
fclose(file);
|
||||
return 0; // Parent PID not found
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks if the process or any of it's parents have temporary access to the
|
||||
* file.
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
|
||||
#include "access_t.h"
|
||||
#include "process_info.h"
|
||||
#include "set_mode_t.h"
|
||||
|
||||
/**
|
||||
* Initializes the temporary permissions table.
|
||||
@@ -35,8 +36,6 @@ void destroy_temp_permissions_table(void);
|
||||
*/
|
||||
access_t check_temp_access(const char *filename, struct process_info pi);
|
||||
|
||||
typedef enum { SET_DENY, SET_ALLOW } set_mode_t;
|
||||
|
||||
/**
|
||||
* Sets temporary access mode of the process to the file.
|
||||
*
|
||||
|
||||
153
src/ui-socket.c
153
src/ui-socket.c
@@ -14,8 +14,10 @@
|
||||
#include "cc.h"
|
||||
#include "perm_permissions_table.h"
|
||||
#include "real_filename.h"
|
||||
#include "sourcefs.h"
|
||||
#include "temp_permissions_table.h"
|
||||
#include "ui-socket.h"
|
||||
#include <assert.h>
|
||||
#include <pthread.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
@@ -24,9 +26,14 @@
|
||||
#include <sys/un.h>
|
||||
#include <unistd.h>
|
||||
|
||||
#define ZENITY_YES 0
|
||||
#define ZENITY_NO 1
|
||||
#define ZENITY_PERM 2
|
||||
#define DIALOGUE_YES 0
|
||||
#define DIALOGUE_NO 1
|
||||
#define DIALOGUE_PERM 2
|
||||
|
||||
struct dialogue_response {
|
||||
access_t decision;
|
||||
char *filename;
|
||||
};
|
||||
|
||||
int init_ui_socket(const char *perm_permissions_db_filename) {
|
||||
FILE *fp = NULL;
|
||||
@@ -41,8 +48,8 @@ int init_ui_socket(const char *perm_permissions_db_filename) {
|
||||
return 1;
|
||||
}
|
||||
|
||||
// Test if Zenity is installed (get version)
|
||||
fp = popen("zenity --version", "r");
|
||||
// Test if dialogue is installed (get version)
|
||||
fp = popen("icfs_dialogue --version", "r");
|
||||
if (fp == NULL) {
|
||||
perror("Pipe returned an error");
|
||||
return 1;
|
||||
@@ -66,11 +73,16 @@ void destroy_ui_socket(void) {
|
||||
* @return: access status - ALLOW, DENY or ALLOW_TEMP
|
||||
* allowed for the runtime of the process
|
||||
*/
|
||||
access_t ask_access(const char *filename, struct process_info proc_info) {
|
||||
struct dialogue_response ask_access(const char *filename,
|
||||
struct process_info proc_info) {
|
||||
FILE *fp = NULL;
|
||||
char *command = NULL;
|
||||
int ret = asprintf(&command, "zenity \"%d\" \"%s\" \"%s\" \"%s\"",
|
||||
proc_info.PID, proc_info.name, filename, get_mountpoint());
|
||||
int ret = asprintf(&command, "icfs_dialogue \"%d\" \"%s\" \"%s\" \"%s\"",
|
||||
proc_info.PID, proc_info.name, get_mountpoint(), filename);
|
||||
|
||||
struct dialogue_response response;
|
||||
response.decision = DENY;
|
||||
response.filename = NULL;
|
||||
|
||||
if (ret < 0) {
|
||||
// If asprintf fails, the contents of command are undefined (see man
|
||||
@@ -79,44 +91,64 @@ access_t ask_access(const char *filename, struct process_info proc_info) {
|
||||
// justify preparing for this.
|
||||
fprintf(stderr, "Could not create query on rule insertion");
|
||||
perror("");
|
||||
return 1;
|
||||
response.decision = DENY;
|
||||
response.filename = malloc(2);
|
||||
response.filename[0] = '/';
|
||||
response.filename[1] = 0;
|
||||
return response;
|
||||
}
|
||||
|
||||
// Zenity Question Message Popup
|
||||
// dialogue Question Message Popup
|
||||
fp = popen(command, "r");
|
||||
free(command);
|
||||
|
||||
if (fp == NULL) {
|
||||
perror("Pipe returned a error");
|
||||
return DENY;
|
||||
response.decision = DENY;
|
||||
response.filename = malloc(2);
|
||||
response.filename[0] = '/';
|
||||
response.filename[1] = 0;
|
||||
return response;
|
||||
}
|
||||
|
||||
str(char) zenity_output;
|
||||
init(&zenity_output);
|
||||
str(char) dialogue_output;
|
||||
init(&dialogue_output);
|
||||
|
||||
size_t total_read = 0;
|
||||
char line[1024]; // Buffer to read individual lines
|
||||
|
||||
// Read the command output line by line
|
||||
while (fgets(line, sizeof(line), fp)) {
|
||||
size_t line_len = strlen(line);
|
||||
push_fmt(&zenity_output, line);
|
||||
push_fmt(&dialogue_output, line);
|
||||
}
|
||||
|
||||
int zenity_exit_code = WEXITSTATUS(pclose(fp));
|
||||
fprintf(stderr, "zenity wrote out %s\n", first(&zenity_output));
|
||||
fprintf(stderr, "zenity returned %d\n", zenity_exit_code);
|
||||
int dialogue_exit_code = WEXITSTATUS(pclose(fp));
|
||||
fprintf(stderr, "dialogue wrote out %s\n", first(&dialogue_output));
|
||||
fprintf(stderr, "dialogue returned %d\n", dialogue_exit_code);
|
||||
|
||||
cleanup(&zenity_output);
|
||||
|
||||
if (zenity_exit_code == (ZENITY_YES | ZENITY_PERM)) {
|
||||
return ALLOW;
|
||||
}
|
||||
if (zenity_exit_code == ZENITY_YES) {
|
||||
return ALLOW_TEMP;
|
||||
if (size(&dialogue_output) == 0) {
|
||||
push(&dialogue_output, '/');
|
||||
}
|
||||
|
||||
return DENY;
|
||||
assert(strlen(first(&dialogue_output)) == size(&dialogue_output));
|
||||
|
||||
response.filename = malloc(size(&dialogue_output) + 1);
|
||||
strcpy(response.filename, first(&dialogue_output));
|
||||
// response.filename[size(&dialogue_output)] = 0;
|
||||
|
||||
// assert(0 == strcmp(response.filename, first(&dialogue_output)));
|
||||
cleanup(&dialogue_output);
|
||||
|
||||
if (dialogue_exit_code == (DIALOGUE_YES | DIALOGUE_PERM)) {
|
||||
response.decision = ALLOW;
|
||||
} else if (dialogue_exit_code == DIALOGUE_YES) {
|
||||
response.decision = ALLOW_TEMP;
|
||||
} else if (dialogue_exit_code == (DIALOGUE_NO | DIALOGUE_PERM)) {
|
||||
response.decision = DENY;
|
||||
} else {
|
||||
response.decision = DENY_TEMP;
|
||||
}
|
||||
|
||||
return response;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -136,20 +168,36 @@ int interactive_access(const char *filename, struct process_info proc_info,
|
||||
|
||||
access_t access = check_temp_access(real_path, proc_info);
|
||||
if (access == ALLOW) {
|
||||
fprintf(stderr,
|
||||
"Permission allowed to %s based on a rule present in the temp "
|
||||
"permission table.\n",
|
||||
proc_info.name);
|
||||
free(real_path);
|
||||
return 1;
|
||||
}
|
||||
if (access == DENY) {
|
||||
fprintf(stderr,
|
||||
"Permission denied to %s based on a rule present in the temp "
|
||||
"permission table.\n",
|
||||
proc_info.name);
|
||||
free(real_path);
|
||||
return 0;
|
||||
}
|
||||
|
||||
access = check_perm_access(real_path, proc_info);
|
||||
if (access == ALLOW) {
|
||||
fprintf(stderr,
|
||||
"Permission allowed to %s based on a rule present in the perm "
|
||||
"permission table.\n",
|
||||
proc_info.name);
|
||||
free(real_path);
|
||||
return 1;
|
||||
}
|
||||
if (access == DENY) {
|
||||
fprintf(stderr,
|
||||
"Permission denied to %s based on a rule present in the perm "
|
||||
"permission table.\n",
|
||||
proc_info.name);
|
||||
free(real_path);
|
||||
return 0;
|
||||
}
|
||||
@@ -158,35 +206,74 @@ int interactive_access(const char *filename, struct process_info proc_info,
|
||||
// permissions are granted
|
||||
|
||||
if (opts & GRANT_PERM) {
|
||||
give_perm_access(real_path, proc_info);
|
||||
fprintf(stderr, "Permission granted permanently to %s.\n", proc_info.name);
|
||||
set_perm_access(real_path, proc_info, SET_ALLOW);
|
||||
free(real_path);
|
||||
return 1;
|
||||
}
|
||||
if (opts & GRANT_TEMP) {
|
||||
fprintf(stderr, "Permission granted temporarily to %s.\n", proc_info.name);
|
||||
set_temp_access(real_path, proc_info, SET_ALLOW);
|
||||
free(real_path);
|
||||
return 1;
|
||||
}
|
||||
|
||||
access_t user_response = ask_access(real_path, proc_info);
|
||||
if (user_response == ALLOW) {
|
||||
give_perm_access(real_path, proc_info);
|
||||
struct dialogue_response response = ask_access(filename, proc_info);
|
||||
// fprintf(stderr, "%s", response.filename);
|
||||
// assert(0 != strlen(response.filename));
|
||||
|
||||
// the user might specify a different file in the dialogue, so we need to
|
||||
// check if it is valid
|
||||
|
||||
while (source_access(response.filename, F_OK)) {
|
||||
// if it is invalid, just ask again.
|
||||
fprintf(stderr, "Filename returned by zenty wasn't correct: %s\n",
|
||||
response.filename);
|
||||
free(response.filename);
|
||||
response = ask_access(filename, proc_info);
|
||||
}
|
||||
|
||||
free(real_path);
|
||||
|
||||
real_path = real_filename(response.filename);
|
||||
free(response.filename);
|
||||
|
||||
if (response.decision == ALLOW) {
|
||||
fprintf(stderr,
|
||||
"Permission granted permanently to %s based on zenty response.\n",
|
||||
proc_info.name);
|
||||
set_perm_access(real_path, proc_info, SET_ALLOW);
|
||||
free(real_path);
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (user_response == ALLOW_TEMP) {
|
||||
if (response.decision == ALLOW_TEMP) {
|
||||
fprintf(stderr,
|
||||
"Permission granted temporarily to %s based on zenty response.\n",
|
||||
proc_info.name);
|
||||
set_temp_access(real_path, proc_info, SET_ALLOW);
|
||||
free(real_path);
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (user_response == DENY) {
|
||||
if (response.decision == DENY_TEMP) {
|
||||
fprintf(stderr,
|
||||
"Permission denied temporarily to %s based on zenty response.\n",
|
||||
proc_info.name);
|
||||
set_temp_access(real_path, proc_info, SET_DENY);
|
||||
free(real_path);
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (response.decision == DENY) {
|
||||
fprintf(stderr,
|
||||
"Permission denied permanently to %s based on zenty response.\n",
|
||||
proc_info.name);
|
||||
set_perm_access(real_path, proc_info, SET_DENY);
|
||||
free(real_path);
|
||||
return 0;
|
||||
}
|
||||
|
||||
free(real_path);
|
||||
// deny on unknown options.
|
||||
return 0;
|
||||
|
||||
41
test/mock/icfs_dialogue
Executable file
41
test/mock/icfs_dialogue
Executable file
@@ -0,0 +1,41 @@
|
||||
#!/bin/bash
|
||||
|
||||
# fake-icfs_dialogue: script that mocks the behavior of icfs_dialogue based on the ./.fake-icfs_dialogue-response file
|
||||
|
||||
ICFS_DIALOGUE_YES=0
|
||||
ICFS_DIALOGUE_NO=1
|
||||
ICFS_DIALOGUE_PERM=2
|
||||
|
||||
if [[ $1 == "--set-fake-response" ]]; then
|
||||
#someone knows we are fake :)
|
||||
echo "$2" >~/.fake_icfs_dialogue_response
|
||||
elif [[ $1 == "--set-fake-response-filename" ]]; then
|
||||
echo "$2" >~/.fake_icfs_dialogue_response_filename
|
||||
elif [[ $1 == "--reset-fake-response" ]]; then
|
||||
rm ~/.fake_icfs_dialogue_response ~/.fake_icfs_dialogue_response_filename
|
||||
else
|
||||
if [ -f ~/.fake_icfs_dialogue_response ]; then
|
||||
FAKE_ICFS_DIALOGUE_RESPONSE=$(cat ~/.fake_icfs_dialogue_response)
|
||||
|
||||
if [[ -f ~/.fake_icfs_dialogue_response_filename ]]; then
|
||||
FAKE_ICFS_DIALOGUE_RESPONSE_FILENAME=$(cat ~/.fake_icfs_dialogue_response_filename)
|
||||
if [[ $FAKE_ICFS_DIALOGUE_RESPONSE_FILENAME == "" ]]; then
|
||||
printf "%s" "$4"
|
||||
else
|
||||
printf "%s" "$(cat ~/.fake_icfs_dialogue_response_filename)"
|
||||
fi
|
||||
fi
|
||||
|
||||
if [[ $FAKE_ICFS_DIALOGUE_RESPONSE == "yes" ]]; then
|
||||
exit "$ICFS_DIALOGUE_YES"
|
||||
elif [[ $FAKE_ICFS_DIALOGUE_RESPONSE == "no" ]]; then
|
||||
exit "$ICFS_DIALOGUE_NO"
|
||||
elif [[ $FAKE_ICFS_DIALOGUE_RESPONSE == "yes_perm" ]]; then
|
||||
exit "$((ICFS_DIALOGUE_YES | ICFS_DIALOGUE_PERM))"
|
||||
elif [[ $FAKE_ICFS_DIALOGUE_RESPONSE == "no_perm" ]]; then
|
||||
exit "$((ICFS_DIALOGUE_NO | ICFS_DIALOGUE_PERM))"
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
exit 255 # TODO: call actual icfs_dialogue here
|
||||
@@ -1,23 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
# fake-zenity: script that mocks the behavior of zenity based on the ./.fake-zenity-response file
|
||||
|
||||
if [[ $1 == "--set-fake-response" ]]; then
|
||||
#someone knows we are fake :)
|
||||
echo $2 >~/.fake_zenity_response
|
||||
else
|
||||
if [ -f ~/.fake_zenity_response ]; then
|
||||
FAKE_ZENITY_RESPONSE=$(cat ~/.fake_zenity_response)
|
||||
|
||||
if [[ $FAKE_ZENITY_RESPONSE == "yes_tmp" ]]; then
|
||||
printf "Allow this time\n"
|
||||
exit 1
|
||||
elif [[ $FAKE_ZENITY_RESPONSE == "no" ]]; then
|
||||
exit 1
|
||||
elif [[ $FAKE_ZENITY_RESPONSE == "yes" ]]; then
|
||||
exit 0
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
exit 255 # TODO: call actual zenity here
|
||||
81
test/opener/Makefile
Normal file
81
test/opener/Makefile
Normal file
@@ -0,0 +1,81 @@
|
||||
SHELL=/bin/bash
|
||||
|
||||
# configurable options
|
||||
|
||||
ifndef ($(SOURCES_DIR))
|
||||
SOURCES_DIR := .
|
||||
endif
|
||||
|
||||
ifndef ($(TESTS_DIR))
|
||||
TESTS_DIR := .
|
||||
endif
|
||||
|
||||
ifndef ($(BUILD_DIR))
|
||||
BUILD_DIR := .
|
||||
endif
|
||||
|
||||
CC := gcc
|
||||
CXX := g++
|
||||
|
||||
NAME := opener
|
||||
|
||||
# dependencies
|
||||
|
||||
PACKAGE_NAMES :=
|
||||
|
||||
ifeq ($(TEST), 1)
|
||||
# PACKAGE_NAMES += check # TODO: use check?
|
||||
endif
|
||||
|
||||
|
||||
# set up cflags and libs
|
||||
|
||||
CFLAGS :=
|
||||
LDFLAGS :=
|
||||
|
||||
ifneq ($(PACKAGE_NAMES),)
|
||||
CFLAGS += $(shell pkg-config --cflags $(PACKAGE_NAMES))
|
||||
LDFLAGS += $(shell pkg-config --libs $(PACKAGE_NAMES))
|
||||
endif
|
||||
|
||||
ifeq ($(DEBUG),1)
|
||||
CFLAGS += -O0 -pedantic -g -Wall -Wextra -Wcast-align \
|
||||
-Wcast-qual -Wdisabled-optimization -Wformat=2 \
|
||||
-Winit-self -Wlogical-op -Wmissing-declarations \
|
||||
-Wmissing-include-dirs -Wredundant-decls -Wshadow \
|
||||
-Wsign-conversion -Wstrict-overflow=5 \
|
||||
-Wswitch-default -Wundef -Wno-unused
|
||||
LDFLAGS +=
|
||||
else
|
||||
CFLAGS += -O3
|
||||
LDFLAGS +=
|
||||
endif
|
||||
|
||||
|
||||
# set up targets
|
||||
|
||||
TARGETS := $(BUILD_DIR)/$(NAME)
|
||||
|
||||
ifeq ($(TEST), 1)
|
||||
TARGETS += $(NAME)_test
|
||||
endif
|
||||
|
||||
|
||||
# build!
|
||||
|
||||
default: $(TARGETS)
|
||||
|
||||
.PHONY: clean $(NAME)_test
|
||||
|
||||
$(NAME)_test: $(BUILD_DIR)/$(NAME)
|
||||
echo "No tests defined."
|
||||
#$(BUILD_DIR)/$(NAME)
|
||||
|
||||
$(BUILD_DIR)/$(NAME): $(BUILD_DIR)/$(NAME).o
|
||||
$(CC) $(CFLAGS) $^ $(LDFLAGS) -o $(BUILD_DIR)/$(NAME)
|
||||
|
||||
$(BUILD_DIR)/$(NAME).o: $(SOURCES_DIR)/$(NAME).c
|
||||
$(CC) $(CFLAGS) -c $< $(LDFLAGS) -o $(BUILD_DIR)/$(NAME).o
|
||||
|
||||
clean:
|
||||
rm $(BUILD_DIR)/*.o $(BUILD_DIR)/$(NAME)
|
||||
86
test/opener/opener.c
Normal file
86
test/opener/opener.c
Normal file
@@ -0,0 +1,86 @@
|
||||
#include <dirent.h>
|
||||
#include <errno.h>
|
||||
#include <fcntl.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/stat.h>
|
||||
#include <sys/types.h>
|
||||
#include <unistd.h>
|
||||
|
||||
#define PATH_MAX 4096
|
||||
|
||||
int main(int argc, char *argv[]) {
|
||||
// Check for correct usage
|
||||
if (argc != 2) {
|
||||
fprintf(stderr, "Usage: %s <pathname>\n", argv[0]);
|
||||
return 1;
|
||||
}
|
||||
|
||||
const char *path = argv[1];
|
||||
struct stat statbuf;
|
||||
|
||||
// Stat the given path to determine if it's a directory
|
||||
if (lstat(path, &statbuf) == -1) {
|
||||
perror("lstat");
|
||||
return 1;
|
||||
}
|
||||
|
||||
// Case 1: The path is not a directory
|
||||
if (!S_ISDIR(statbuf.st_mode)) {
|
||||
int fd = open(path, O_RDONLY);
|
||||
if (fd == -1) {
|
||||
perror("open");
|
||||
return 1;
|
||||
}
|
||||
close(fd);
|
||||
return 0;
|
||||
}
|
||||
|
||||
// Case 2: The path is a directory
|
||||
DIR *dirp = opendir(path);
|
||||
if (dirp == NULL) {
|
||||
perror("opendir");
|
||||
return 1;
|
||||
}
|
||||
|
||||
struct dirent *entry;
|
||||
int success = 1;
|
||||
|
||||
while ((entry = readdir(dirp)) != NULL) {
|
||||
// Skip . and ..
|
||||
if (strcmp(entry->d_name, ".") == 0 || strcmp(entry->d_name, "..") == 0) {
|
||||
continue;
|
||||
}
|
||||
|
||||
// Construct the full path
|
||||
char fullpath[PATH_MAX];
|
||||
snprintf(fullpath, PATH_MAX, "%s/%s", path, entry->d_name);
|
||||
|
||||
// Stat the entry to check if it's a regular file
|
||||
struct stat entry_stat;
|
||||
if (lstat(fullpath, &entry_stat) == -1) {
|
||||
perror("lstat");
|
||||
success = 0;
|
||||
break;
|
||||
}
|
||||
|
||||
// Only process regular files
|
||||
if (!S_ISREG(entry_stat.st_mode)) {
|
||||
continue;
|
||||
}
|
||||
|
||||
// Try to open and immediately close the file
|
||||
int fd = open(fullpath, O_RDONLY);
|
||||
if (fd == -1) {
|
||||
perror("open");
|
||||
success = 0;
|
||||
break;
|
||||
}
|
||||
close(fd);
|
||||
}
|
||||
|
||||
closedir(dirp);
|
||||
|
||||
return (success ? 0 : 1);
|
||||
}
|
||||
125
test/test.bash
125
test/test.bash
@@ -9,6 +9,24 @@ touch ./protected/do-not-remove ./protected/should-be-removed ./protected/truth
|
||||
chmod 777 ./protected/perm777 ./protected/perm000
|
||||
echo "Free code, free world." >./protected/motto
|
||||
|
||||
mkdir protected/haystack
|
||||
for i in {1..10}; do
|
||||
touch "./protected/haystack/hay$i"
|
||||
done
|
||||
touch ./protected/haystack/needle
|
||||
echo "Liberty in every line." >./protected/haystack/needle
|
||||
|
||||
rm -rf ./openers
|
||||
mkdir openers
|
||||
make -C ./opener || (
|
||||
echo "Could not make the opener program."
|
||||
exit 1
|
||||
)
|
||||
for i in {1..10}; do
|
||||
cp ./opener/opener "./openers/opener$i"
|
||||
ln --symbolic "$(realpath "./openers/opener$i")" "./openers/symlinked_opener$i"
|
||||
done
|
||||
|
||||
# set up the fake-zenity
|
||||
|
||||
PATH="$(realpath ./mock/):$PATH"
|
||||
@@ -28,7 +46,8 @@ if [[ $1 == "--setuid" ]]; then
|
||||
else
|
||||
echo "Database protection will not be tested due to the lack of setuid capabilites."
|
||||
echo "To test it, run this script with '--setuid'."
|
||||
valgrind -s ../build/icfs -o default_permissions ./protected ./.pt.db &
|
||||
#valgrind --leak-check=full -s ../build/icfs -o default_permissions -o debug ./protected ./.pt.db 2>&1 | grep "==\|zenity\|Permission\|column\|callback" &
|
||||
valgrind --leak-check=full -s ../build/icfs -o default_permissions ./protected ./.pt.db &
|
||||
sleep 5
|
||||
fi
|
||||
|
||||
@@ -39,96 +58,156 @@ fi
|
||||
|
||||
# create files
|
||||
|
||||
zenity --set-fake-response no
|
||||
icfs_dialogue --set-fake-response no
|
||||
truncate -s 0 ./protected/should-exist-anyway 2>/dev/null &&
|
||||
echo "[ICFS-TEST]: OK" ||
|
||||
echo "[ICFS-TEST]: truncate cannot create protected/should-exist despite access being permitted!" # OK
|
||||
|
||||
zenity --set-fake-response yes_tmp
|
||||
icfs_dialogue --set-fake-response yes
|
||||
truncate -s 0 ./protected/should-exist 2>/dev/null &&
|
||||
echo "[ICFS-TEST]: OK" ||
|
||||
echo "[ICFS-TEST]: truncate cannot create protected/should-exist despite access being permitted!" # OK
|
||||
|
||||
# write to files
|
||||
|
||||
zenity --set-fake-response no
|
||||
icfs_dialogue --set-fake-response no
|
||||
sed -e 'a\'"Linux is a cancer that attaches itself in an intellectual property sense to everything it touches." "./protected/truth" 2>/dev/null &&
|
||||
echo "[ICFS-TEST]: echo can write to protected/lie despite access being denied!" ||
|
||||
echo "[ICFS-TEST]: OK" # EACCESS
|
||||
|
||||
zenity --set-fake-response yes_tmp
|
||||
icfs_dialogue --set-fake-response yes
|
||||
sed -e 'a\'"Sharing knowledge is the most fundamental act of friendship. Because it is a way you can give something without loosing something." "./protected/truth" 2>/dev/null &&
|
||||
echo "[ICFS-TEST]: OK" ||
|
||||
echo "[ICFS-TEST]: echo cannot write to protected/truth despite access being permitted!" # OK
|
||||
|
||||
# Read files
|
||||
|
||||
zenity --set-fake-response no
|
||||
icfs_dialogue --set-fake-response no
|
||||
cat ./protected/motto >/dev/null 2>/dev/null &&
|
||||
echo "[ICFS-TEST]: cat can read protected/this-only despite access being denied!" ||
|
||||
echo "[ICFS-TEST]: OK" # EACCESS
|
||||
|
||||
zenity --set-fake-response yes_tmp
|
||||
icfs_dialogue --set-fake-response yes
|
||||
cat ./protected/motto >/dev/null 2>/dev/null &&
|
||||
echo "[ICFS-TEST]: OK" ||
|
||||
echo "[ICFS-TEST]: echo cannot create protected/this-only despite access being permitted!" # "Free code, free world."
|
||||
|
||||
# remove files
|
||||
|
||||
zenity --set-fake-response no
|
||||
icfs_dialogue --set-fake-response no
|
||||
rm ./protected/do-not-remove >/dev/null 2>/dev/null &&
|
||||
echo "[ICFS-TEST]: rm can unlink protected/do-not-remove despite access being denied!" ||
|
||||
echo "[ICFS-TEST]: OK" # EACCESS
|
||||
|
||||
zenity --set-fake-response yes_tmp
|
||||
icfs_dialogue --set-fake-response yes
|
||||
rm ./protected/should-be-removed >/dev/null 2>/dev/null &&
|
||||
echo "[ICFS-TEST]: OK" ||
|
||||
echo "[ICFS-TEST]: rm cannot unlink protected/should-be-removed despite access being permitted!" # OK
|
||||
|
||||
# rename files
|
||||
|
||||
zenity --set-fake-response no
|
||||
icfs_dialogue --set-fake-response no
|
||||
mv ./protected/do-not-rename ./protected/terrible-name 2>/dev/null &&
|
||||
echo "[ICFS-TEST]: mv can rename protected/truth despite access being denied!" ||
|
||||
echo "[ICFS-TEST]: OK" # EACCESS
|
||||
zenity --set-fake-response yes_tmp
|
||||
icfs_dialogue --set-fake-response yes
|
||||
mv ./protected/should-be-renamed ./protected/great-name 2>/dev/null &&
|
||||
echo "[ICFS-TEST]: OK" ||
|
||||
echo "[ICFS-TEST]: mv cannot rename should-be-removed to renamed-file despite access being permitted!" # OK
|
||||
|
||||
# change permissions
|
||||
|
||||
zenity --set-fake-response no
|
||||
icfs_dialogue --set-fake-response no
|
||||
chmod 000 ./protected/perm777 2>/dev/null &&
|
||||
echo "[ICFS-TEST]: chmod can change permissions of protected/perm777 despite access being denied!" ||
|
||||
echo "[ICFS-TEST]: OK" # EACCESS
|
||||
zenity --set-fake-response yes_tmp
|
||||
icfs_dialogue --set-fake-response yes
|
||||
chmod 000 ./protected/perm000 2>/dev/null &&
|
||||
echo "[ICFS-TEST]: OK" ||
|
||||
echo "[ICFS-TEST]: chmod cannot change permissions of protected/perm000 despite access being permitted!" # OK
|
||||
|
||||
# test permanent permissions
|
||||
|
||||
zenity --set-fake-response yes
|
||||
cat ./protected/motto >/dev/null 2>/dev/null &&
|
||||
icfs_dialogue --set-fake-response yes_perm
|
||||
openers/opener1 ./protected/motto >/dev/null 2>/dev/null &&
|
||||
echo "[ICFS-TEST]: OK" ||
|
||||
echo "[ICFS-TEST]: echo cannot read protected/motto despite access being permitted!" # OK
|
||||
echo "[ICFS-TEST]: openers/opener1 cannot read protected/motto despite access being permitted!" # OK
|
||||
|
||||
zenity --set-fake-response no # this should be ignored
|
||||
cat ./protected/motto >/dev/null 2>/dev/null &&
|
||||
icfs_dialogue --set-fake-response no # this should be ignored
|
||||
openers/opener1 ./protected/motto >/dev/null 2>/dev/null &&
|
||||
echo "[ICFS-TEST]: OK" ||
|
||||
echo "[ICFS-TEST]: echo cannot read protected/motto despite access being permitted!" # OK
|
||||
echo "[ICFS-TEST]: openers/opener1 cannot read protected/motto despite access being permitted!" # OK
|
||||
|
||||
icfs_dialogue --set-fake-response no # this should be ignored
|
||||
openers/symlinked_opener1 ./protected/motto >/dev/null 2>/dev/null &&
|
||||
echo "[ICFS-TEST]: OK" ||
|
||||
echo "[ICFS-TEST]: openers/symlinked_opener1 cannot read protected/motto despite access being permitted!" # OK
|
||||
|
||||
icfs_dialogue --set-fake-response no_perm
|
||||
openers/opener2 ./protected/motto >/dev/null 2>/dev/null &&
|
||||
echo "[ICFS-TEST]: openers/opener2 can read protected/motto despite access being denied!" ||
|
||||
echo "[ICFS-TEST]: OK" # EACCESS
|
||||
|
||||
icfs_dialogue --set-fake-response yes # this should be ignored
|
||||
openers/opener2 ./protected/motto >/dev/null 2>/dev/null &&
|
||||
echo "[ICFS-TEST]: openers/opener2 can read protected/motto despite access being denied!" ||
|
||||
echo "[ICFS-TEST]: OK" # EACCESS
|
||||
|
||||
icfs_dialogue --set-fake-response yes # this should be ignored
|
||||
openers/symlinked_opener2 ./protected/motto >/dev/null 2>/dev/null &&
|
||||
echo "[ICFS-TEST]: openers/symlinked_opener2 can read protected/motto despite access being denied!" ||
|
||||
echo "[ICFS-TEST]: OK" # EACCESS
|
||||
|
||||
# test permission globbing
|
||||
|
||||
icfs_dialogue --set-fake-response yes
|
||||
icfs_dialogue --set-fake-response-filename "/"
|
||||
openers/opener3 ./protected/haystack >/dev/null 2>/dev/null &&
|
||||
echo "[ICFS-TEST]: OK" ||
|
||||
echo "[ICFS-TEST]: openers/opener3 cannot read protected/haystack/needle despite access being permitted!" # OK
|
||||
|
||||
icfs_dialogue --set-fake-response no
|
||||
icfs_dialogue --set-fake-response-filename "/"
|
||||
openers/opener4 ./protected/haystack >/dev/null 2>/dev/null &&
|
||||
echo "[ICFS-TEST]: openers/opener4 can read files in protected/haystack despite access being denied!" ||
|
||||
echo "[ICFS-TEST]: OK" # EACCESS
|
||||
|
||||
icfs_dialogue --set-fake-response yes_perm
|
||||
icfs_dialogue --set-fake-response-filename "/"
|
||||
openers/opener5 ./protected/haystack/needle >/dev/null 2>/dev/null &&
|
||||
echo "[ICFS-TEST]: OK" ||
|
||||
echo "[ICFS-TEST]: openers/opener5 cannot read protected/haystack/needle despite access being permitted!" # OK
|
||||
|
||||
icfs_dialogue --set-fake-response no # this should be ignored
|
||||
openers/opener5 ./protected/haystack >/dev/null 2>/dev/null &&
|
||||
echo "[ICFS-TEST]: OK" ||
|
||||
echo "[ICFS-TEST]: openers/opener5 cannot read files in protected/haystack despite access being permitted!" # OK
|
||||
|
||||
icfs_dialogue --set-fake-response no_perm
|
||||
icfs_dialogue --set-fake-response-filename "/"
|
||||
openers/opener6 ./protected/haystack/needle >/dev/null 2>/dev/null &&
|
||||
echo "[ICFS-TEST]: openers/opener6 can read protected/haystack/needle despite access being denied!" ||
|
||||
echo "[ICFS-TEST]: OK" # EACCESS
|
||||
|
||||
icfs_dialogue --set-fake-response yes # this should be ignored
|
||||
openers/opener6 ./protected/haystack >/dev/null 2>/dev/null &&
|
||||
echo "[ICFS-TEST]: openers/opener6 can read files in protected/haystack despite access being denied!" ||
|
||||
echo "[ICFS-TEST]: OK" # EACCESS
|
||||
|
||||
# test database access
|
||||
if [[ -r "./.pt.db" || -w "./.pt.db" ]]; then
|
||||
echo "[ICFS-TEST]: permanent permissions is accessible!"
|
||||
else
|
||||
if [[ $1 == '--setuid' ]]; then
|
||||
if [[ -r "./.pt.db" || -w "./.pt.db" ]]; then
|
||||
echo "[ICFS-TEST]: permanent permissions database is accessible!"
|
||||
else
|
||||
echo "[ICFS-TEST]: OK"
|
||||
fi
|
||||
else
|
||||
echo "[ICFS-TEST]: permanent permissions database access was not tested due to the lack of seuid bit setting capabilites. To test this, run the script with '--setuid' flag"
|
||||
fi
|
||||
|
||||
# unmount
|
||||
|
||||
sleep 0.5
|
||||
#lsof +f -- $(realpath ./protected)
|
||||
umount $(realpath ./protected)
|
||||
umount "$(realpath ./protected)"
|
||||
sleep 0.5
|
||||
|
||||
Reference in New Issue
Block a user