Compare commits
11 Commits
profiling
...
5452c3d1d7
| Author | SHA1 | Date | |
|---|---|---|---|
5452c3d1d7
|
|||
|
a1445c5423
|
|||
|
ed441b3c5f
|
|||
|
48342b0d5f
|
|||
|
31b70b6069
|
|||
|
07cb76f425
|
|||
|
747077f365
|
|||
|
ccb449ae57
|
|||
|
c4ef955ff1
|
|||
|
3157940c0b
|
|||
|
92378c1cde
|
2
Makefile
2
Makefile
@@ -71,7 +71,7 @@ $(BUILD_DIR)/main.o: $(SOURCES_DIR)/main.c
|
||||
$(BUILD_DIR)/fuse_operations.o: $(SOURCES_DIR)/fuse_operations.c $(SOURCES_DIR)/fuse_operations.h
|
||||
$(CC) $(CFLAGS) -c $< $(LDFLAGS) -o $@
|
||||
|
||||
$(BUILD_DIR)/sourcefs.o: $(SOURCES_DIR)/sourcefs.c $(SOURCES_DIR)/sourcefs.h
|
||||
$(BUILD_DIR)/sourcefs.o: $(SOURCES_DIR)/sourcefs.c $(SOURCES_DIR)/sourcefs.h $(SOURCES_DIR)/real_filename.h
|
||||
$(CC) $(CFLAGS) -c $< $(LDFLAGS) -o $@
|
||||
|
||||
$(BUILD_DIR)/ui-socket.o: $(SOURCES_DIR)/ui-socket.c $(SOURCES_DIR)/ui-socket.h
|
||||
|
||||
6
src/access_t.h
Normal file
6
src/access_t.h
Normal file
@@ -0,0 +1,6 @@
|
||||
#ifndef ACCESS_T_H
|
||||
#define ACCESS_T_H
|
||||
|
||||
typedef enum { DENY, ALLOW, ALLOW_TEMP, NDEF } access_t;
|
||||
|
||||
#endif // !ACCESS_T_H
|
||||
@@ -11,6 +11,8 @@
|
||||
See the file LICENSE.
|
||||
*/
|
||||
|
||||
#include "real_filename.h"
|
||||
#include <assert.h>
|
||||
#include <stddef.h>
|
||||
#define FUSE_USE_VERSION 31
|
||||
|
||||
@@ -94,9 +96,6 @@ const char *get_process_name_by_pid(const int pid) {
|
||||
*/
|
||||
}
|
||||
|
||||
// TODO: move this somewhere else
|
||||
const char *real_filename(const char *filename) { return filename; }
|
||||
|
||||
static void *xmp_init(struct fuse_conn_info *conn, struct fuse_config *cfg) {
|
||||
(void)conn;
|
||||
cfg->use_ino = 1;
|
||||
@@ -120,6 +119,7 @@ static void *xmp_init(struct fuse_conn_info *conn, struct fuse_config *cfg) {
|
||||
cfg->attr_timeout = 0;
|
||||
cfg->negative_timeout = 0;
|
||||
fprintf(stderr, "%d\n", getpid());
|
||||
assert(get_mountpoint() != NULL);
|
||||
|
||||
return NULL;
|
||||
}
|
||||
@@ -157,7 +157,7 @@ static int xmp_access(const char *path, int mask) {
|
||||
|
||||
// fprintf(stderr, "%s, %d\n", path, ask_access(path, pi));
|
||||
|
||||
if (!interactive_access(real_filename(path), proc_info, 0)) {
|
||||
if (!interactive_access(path, proc_info, 0)) {
|
||||
free((void *)proc_info.name);
|
||||
return -EACCES;
|
||||
}
|
||||
@@ -323,7 +323,7 @@ static int xmp_unlink(const char *path) {
|
||||
|
||||
// fprintf(stderr, "%s, %d\n", path, ask_access(path, pi));
|
||||
|
||||
if (!interactive_access(real_filename(path), pi, 0)) {
|
||||
if (!interactive_access(path, pi, 0)) {
|
||||
free(pi.name);
|
||||
return -EACCES;
|
||||
}
|
||||
@@ -371,15 +371,14 @@ static int xmp_rename(const char *from, const char *to, unsigned int flags) {
|
||||
|
||||
// fprintf(stderr, "%s, %d\n", path, ask_access(path, pi));
|
||||
|
||||
if (!interactive_access(real_filename(from), pi, 0)) {
|
||||
if (!interactive_access(from, pi, 0)) {
|
||||
free(pi.name);
|
||||
return -EACCES;
|
||||
}
|
||||
|
||||
// the "to" file may exist and the process needs to get persmission to modify
|
||||
// it
|
||||
if (source_access(to, F_OK) == 0 &&
|
||||
!interactive_access(real_filename(to), pi, 0)) {
|
||||
if (source_access(to, F_OK) == 0 && !interactive_access(to, pi, 0)) {
|
||||
free(pi.name);
|
||||
return -EACCES;
|
||||
}
|
||||
@@ -402,7 +401,7 @@ static int xmp_link(const char *from, const char *to) {
|
||||
pi.name = get_process_name_by_pid(pi.PID);
|
||||
|
||||
// fprintf(stderr, "%s, %d\n", path, ask_access(path, pi));
|
||||
if (!interactive_access(real_filename(from), pi, 0)) {
|
||||
if (!interactive_access(from, pi, 0)) {
|
||||
free(pi.name);
|
||||
return -EACCES;
|
||||
}
|
||||
@@ -427,7 +426,7 @@ static int xmp_chmod(const char *path, mode_t mode, struct fuse_file_info *fi) {
|
||||
pi.name = get_process_name_by_pid(pi.PID);
|
||||
|
||||
// fprintf(stderr, "%s, %d\n", path, ask_access(path, pi));
|
||||
if (!interactive_access(real_filename(path), pi, 0)) {
|
||||
if (!interactive_access(path, pi, 0)) {
|
||||
free(pi.name);
|
||||
return -EACCES;
|
||||
}
|
||||
@@ -458,7 +457,7 @@ static int xmp_chown(const char *path, uid_t uid, gid_t gid,
|
||||
pi.name = get_process_name_by_pid(pi.PID);
|
||||
|
||||
// fprintf(stderr, "%s, %d\n", path, ask_access(path, pi));
|
||||
if (!interactive_access(real_filename(path), pi, 0)) {
|
||||
if (!interactive_access(path, pi, 0)) {
|
||||
free(pi.name);
|
||||
return -EACCES;
|
||||
}
|
||||
@@ -518,7 +517,7 @@ static int xmp_create(const char *path, mode_t mode,
|
||||
|
||||
// fprintf(stderr, "%s, %d\n", path, ask_access(path, pi));
|
||||
|
||||
if (!interactive_access(real_filename(path), pi, GRANT_PERM)) {
|
||||
if (!interactive_access(path, pi, GRANT_PERM)) {
|
||||
free(pi.name);
|
||||
return -EACCES;
|
||||
}
|
||||
@@ -542,7 +541,7 @@ static int xmp_open(const char *path, struct fuse_file_info *fi) {
|
||||
pi.name = get_process_name_by_pid(pi.PID);
|
||||
|
||||
// fprintf(stderr, "%s, %d\n", path, ask_access(path, pi));
|
||||
if (!interactive_access(real_filename(path), pi, 0)) {
|
||||
if (!interactive_access(path, pi, 0)) {
|
||||
free(pi.name);
|
||||
return -EACCES;
|
||||
}
|
||||
|
||||
69
src/gui/Makefile
Normal file
69
src/gui/Makefile
Normal file
@@ -0,0 +1,69 @@
|
||||
SHELL=/bin/bash
|
||||
|
||||
# configurable options
|
||||
|
||||
SOURCES_DIR := .
|
||||
TESTS_DIR := .
|
||||
BUILD_DIR := .
|
||||
|
||||
CC := gcc
|
||||
CXX := g++
|
||||
|
||||
|
||||
# dependencies
|
||||
|
||||
PACKAGE_NAMES := gtk4 libadwaita-1
|
||||
|
||||
ifeq ($(TEST), 1)
|
||||
# PACKAGE_NAMES += check # TODO: use check?
|
||||
endif
|
||||
|
||||
|
||||
# set up cflags and libs
|
||||
|
||||
CFLAGS := -D_FILE_OFFSET_BITS=64
|
||||
LDFLAGS :=
|
||||
|
||||
CFLAGS += $(shell pkg-config --cflags $(PACKAGE_NAMES))
|
||||
LDFLAGS += $(shell pkg-config --libs $(PACKAGE_NAMES))
|
||||
|
||||
ifeq ($(DEBUG),1)
|
||||
CFLAGS += -O0 -pedantic -g -Wall -Wextra -Wcast-align \
|
||||
-Wcast-qual -Wdisabled-optimization -Wformat=2 \
|
||||
-Winit-self -Wlogical-op -Wmissing-declarations \
|
||||
-Wmissing-include-dirs -Wredundant-decls -Wshadow \
|
||||
-Wsign-conversion -Wstrict-overflow=5 \
|
||||
-Wswitch-default -Wundef -Wno-unused
|
||||
LDFLAGS +=
|
||||
else
|
||||
CFLAGS += -O3
|
||||
LDFLAGS +=
|
||||
endif
|
||||
|
||||
|
||||
# set up targets
|
||||
|
||||
TARGETS := $(BUILD_DIR)/zenity
|
||||
|
||||
ifeq ($(TEST), 1)
|
||||
TARGETS += zenity_test
|
||||
endif
|
||||
|
||||
|
||||
# build!
|
||||
|
||||
default: $(TARGETS)
|
||||
|
||||
.PHONY: clean zenity_test
|
||||
|
||||
zenity_test: $(BUILD_DIR)/zenity
|
||||
./zenity 666 cat /home/fedir Downloads
|
||||
|
||||
$(BUILD_DIR)/zenity: $(BUILD_DIR)/zenity.o
|
||||
$(CC) $(CFLAGS) $^ $(LDFLAGS) -o $(BUILD_DIR)/zenity
|
||||
|
||||
$(BUILD_DIR)/zenity.o: $(SOURCES_DIR)/zenity-clone.c
|
||||
$(CC) $(CFLAGS) -c $< $(LDFLAGS) -o $(BUILD_DIR)/zenity.o
|
||||
|
||||
clean:
|
||||
rm $(BUILD_DIR)/*.o $(BUILD_DIR)/zenity
|
||||
153
src/gui/zenity-clone.c
Normal file
153
src/gui/zenity-clone.c
Normal file
@@ -0,0 +1,153 @@
|
||||
#include "gio/gio.h"
|
||||
#include "glib-object.h"
|
||||
#include "glib.h"
|
||||
#include <adwaita.h>
|
||||
#include <gtk/gtk.h>
|
||||
#include <stdbool.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
|
||||
#define YES 0
|
||||
#define NO 1
|
||||
#define PERM 2
|
||||
|
||||
int exit_code = 0;
|
||||
gboolean is_permanent = false;
|
||||
GtkEntryBuffer *entry_buffer = NULL;
|
||||
GtkWidget *checkbox = NULL;
|
||||
|
||||
static void negative_response(GtkWindow *window) {
|
||||
fprintf(stdout, "%s", gtk_entry_buffer_get_text(entry_buffer));
|
||||
exit_code = (gtk_check_button_get_active(GTK_CHECK_BUTTON(checkbox)))
|
||||
? YES | PERM
|
||||
: YES;
|
||||
gtk_window_close(window);
|
||||
}
|
||||
|
||||
static void positive_response(GtkWindow *window) {
|
||||
fprintf(stdout, "%s", gtk_entry_buffer_get_text(entry_buffer));
|
||||
exit_code = (gtk_check_button_get_active(GTK_CHECK_BUTTON(checkbox)))
|
||||
? NO | PERM
|
||||
: NO;
|
||||
gtk_window_close(window);
|
||||
}
|
||||
|
||||
static void on_check_button_toggled(GtkToggleButton *button,
|
||||
gpointer user_data) {
|
||||
gboolean active = gtk_toggle_button_get_active(button);
|
||||
}
|
||||
|
||||
static void on_activate(GtkApplication *app, gpointer user_data) {
|
||||
// Create the main window
|
||||
AdwWindow *window = ADW_WINDOW(adw_window_new());
|
||||
gtk_window_set_application(GTK_WINDOW(window), app);
|
||||
gtk_window_set_title(GTK_WINDOW(window), "icfs");
|
||||
// gtk_window_set_default_size(GTK_WINDOW(window), 300, 150);
|
||||
|
||||
AdwStatusPage *content = ADW_STATUS_PAGE(adw_status_page_new());
|
||||
adw_status_page_set_title(content, "Allow access?");
|
||||
|
||||
char *description = NULL;
|
||||
asprintf(
|
||||
&description,
|
||||
"Allow process <tt>%s</tt> with PID <tt>%s</tt> to access <tt>%s</tt>",
|
||||
g_object_get_data(G_OBJECT(app), "accessing_name"),
|
||||
g_object_get_data(G_OBJECT(app), "accessing_pid"),
|
||||
g_object_get_data(G_OBJECT(app), "access_dir"));
|
||||
adw_status_page_set_description(content, description);
|
||||
free(description);
|
||||
|
||||
entry_buffer = gtk_entry_buffer_new(
|
||||
g_object_get_data(G_OBJECT(app), "access_dir"),
|
||||
strlen(g_object_get_data(G_OBJECT(app), "access_dir")));
|
||||
|
||||
GtkWidget *entry = gtk_entry_new();
|
||||
gtk_entry_set_buffer(GTK_ENTRY(entry), entry_buffer);
|
||||
gtk_entry_set_placeholder_text(GTK_ENTRY(entry), "Enter filename");
|
||||
gtk_widget_set_hexpand(entry, TRUE);
|
||||
|
||||
// Create a prefix label and box
|
||||
GtkWidget *entry_box = gtk_box_new(GTK_ORIENTATION_HORIZONTAL, 0);
|
||||
GtkWidget *prefix_label =
|
||||
gtk_label_new(g_object_get_data(G_OBJECT(app), "root_folder"));
|
||||
gtk_box_append(GTK_BOX(entry_box), prefix_label);
|
||||
gtk_box_append(GTK_BOX(entry_box), entry);
|
||||
|
||||
checkbox = gtk_check_button_new_with_label("Permanent");
|
||||
gtk_check_button_set_active(GTK_CHECK_BUTTON(checkbox), false);
|
||||
// gtk_widget_set_halign(checkbox, GTK_ALIGN_CENTER);
|
||||
|
||||
GtkWidget *yes_button = gtk_button_new_with_label("Yes");
|
||||
gtk_widget_set_hexpand(yes_button, TRUE);
|
||||
g_signal_connect_swapped(yes_button, "clicked", G_CALLBACK(positive_response),
|
||||
window);
|
||||
|
||||
GtkWidget *no_button = gtk_button_new_with_label("No");
|
||||
gtk_widget_set_hexpand(no_button, TRUE);
|
||||
g_signal_connect_swapped(no_button, "clicked", G_CALLBACK(negative_response),
|
||||
window);
|
||||
|
||||
GtkWidget *button_box = gtk_box_new(GTK_ORIENTATION_HORIZONTAL, 6);
|
||||
gtk_box_append(GTK_BOX(button_box), yes_button);
|
||||
gtk_box_append(GTK_BOX(button_box), no_button);
|
||||
gtk_widget_set_halign(button_box, GTK_ALIGN_FILL);
|
||||
|
||||
// Combine everything in a box
|
||||
GtkWidget *box = gtk_box_new(GTK_ORIENTATION_VERTICAL, 12);
|
||||
gtk_box_append(GTK_BOX(box), GTK_WIDGET(content));
|
||||
gtk_box_append(GTK_BOX(box), entry_box);
|
||||
gtk_box_append(GTK_BOX(box), checkbox);
|
||||
gtk_box_append(GTK_BOX(box), button_box);
|
||||
gtk_widget_set_margin_top(GTK_WIDGET(box), 12);
|
||||
gtk_widget_set_margin_bottom(GTK_WIDGET(box), 12);
|
||||
gtk_widget_set_margin_start(GTK_WIDGET(box), 12);
|
||||
gtk_widget_set_margin_end(GTK_WIDGET(box), 12);
|
||||
|
||||
// g_signal_connect(window, "response", G_CALLBACK(gtk_window_close), window);
|
||||
|
||||
// Show the dialog
|
||||
adw_window_set_content(window, box);
|
||||
gtk_window_present(GTK_WINDOW(window));
|
||||
}
|
||||
|
||||
static int on_command_line(GApplication *app, GApplicationCommandLine *cmdline,
|
||||
gpointer user_data) {
|
||||
gchar **argv;
|
||||
gint argc;
|
||||
|
||||
argv = g_application_command_line_get_arguments(cmdline, &argc);
|
||||
|
||||
// Handle your arguments here
|
||||
if (argc >= 4) {
|
||||
fprintf(stderr, "%s\n", argv[1]);
|
||||
g_object_set_data_full(G_OBJECT(app), "accessing_pid", g_strdup(argv[1]),
|
||||
g_free);
|
||||
g_object_set_data_full(G_OBJECT(app), "accessing_name", g_strdup(argv[2]),
|
||||
g_free);
|
||||
g_object_set_data_full(G_OBJECT(app), "root_folder", g_strdup(argv[3]),
|
||||
g_free);
|
||||
g_object_set_data_full(G_OBJECT(app), "access_dir", g_strdup(argv[4]),
|
||||
g_free);
|
||||
}
|
||||
|
||||
g_strfreev(argv);
|
||||
|
||||
// Activate the application
|
||||
g_application_activate(app);
|
||||
return 0;
|
||||
}
|
||||
|
||||
int main(int argc, char **argv) {
|
||||
// Create a new application
|
||||
AdwApplication *app = adw_application_new("com.example.zenityclone",
|
||||
G_APPLICATION_HANDLES_COMMAND_LINE);
|
||||
|
||||
g_signal_connect(app, "command-line", G_CALLBACK(on_command_line), NULL);
|
||||
g_signal_connect(app, "activate", G_CALLBACK(on_activate), NULL);
|
||||
|
||||
// Run the application
|
||||
int status = g_application_run(G_APPLICATION(app), argc, argv);
|
||||
g_object_unref(app);
|
||||
|
||||
return (status == 0) ? exit_code : status;
|
||||
}
|
||||
@@ -56,6 +56,7 @@ int main(int argc, char *argv[]) {
|
||||
ret = fuse_main(argc - 1, argv, get_fuse_operations(), NULL);
|
||||
|
||||
free((void *)mountpoint);
|
||||
source_destroy();
|
||||
destroy_ui_socket();
|
||||
return ret;
|
||||
}
|
||||
|
||||
@@ -7,6 +7,7 @@
|
||||
*/
|
||||
|
||||
#include "perm_permissions_table.h"
|
||||
#include "access_t.h"
|
||||
#include "process_info.h"
|
||||
#include <fcntl.h>
|
||||
#include <pthread.h>
|
||||
@@ -23,9 +24,9 @@
|
||||
sqlite3 *perm_database = NULL;
|
||||
const char *const table_name = "permissions";
|
||||
// one row corresponds to a permission to access one file for one executable
|
||||
const int column_count = 2;
|
||||
const char *const schema[] = {"executable", "filename"};
|
||||
const char *const types[] = {"TEXT", "TEXT"};
|
||||
const int column_count = 3;
|
||||
const char *const schema[] = {"executable", "filename", "mode"};
|
||||
const char *const types[] = {"TEXT", "TEXT", "INTEGER"};
|
||||
uid_t ruid, euid, current_pid;
|
||||
pthread_mutex_t uid_switch = PTHREAD_MUTEX_INITIALIZER;
|
||||
|
||||
@@ -69,9 +70,10 @@ static int check_table_col_schema(void *notused, int argc, char **argv,
|
||||
}
|
||||
int column_num = atoi(argv[0]);
|
||||
if (column_num >= column_count) {
|
||||
fprintf(stderr, "Table contains more columns than expected.\n");
|
||||
fprintf(stderr, "Table contains unexpected amount of columns.\n");
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (strcmp(schema[column_num], argv[1]) == 0 &&
|
||||
strcmp(types[column_num], argv[2]) == 0) {
|
||||
return 0;
|
||||
@@ -90,8 +92,9 @@ static int set_flag(void *flag, int argc, char **argv, char **colname) {
|
||||
|
||||
int create_database_schema() {
|
||||
fprintf(stderr, "Creating table 'permissions'.\n");
|
||||
const char *create_query = "CREATE TABLE permissions(executable TEXT NOT "
|
||||
"NULL, filename TEXT NOT NULL);";
|
||||
const char *create_query =
|
||||
"CREATE TABLE permissions(executable TEXT NOT "
|
||||
"NULL, filename TEXT NOT NULL, mode INTEGER NOT NULL);";
|
||||
char *err = NULL;
|
||||
int ret = sqlite3_exec(perm_database, create_query, NULL, NULL, &err);
|
||||
|
||||
@@ -186,37 +189,41 @@ void destroy_perm_permissions_table() { sqlite3_close(perm_database); }
|
||||
*
|
||||
* @param filename: The file that the process is trying to access
|
||||
* @pram pi: The process information
|
||||
* @return: 0 if access is denied, 1 if access is allowed
|
||||
* @return: access status - ALLOW, DENY or NDEF in case if no information was
|
||||
* found
|
||||
*/
|
||||
int check_perm_access(const char *filename, struct process_info pi) {
|
||||
size_t query_len =
|
||||
56 + strlen(table_name) + strlen(filename) + strlen(pi.name);
|
||||
const char *query = malloc(query_len);
|
||||
size_t should_be_written = snprintf(
|
||||
query, query_len,
|
||||
"SELECT * FROM %s WHERE executable = \'%s\' AND filename = \'%s\';",
|
||||
table_name, pi.name, filename);
|
||||
// -1 for the \0
|
||||
if (should_be_written != query_len - 1) {
|
||||
fprintf(stderr,
|
||||
"Unexpected query size while permanent access rule check: "
|
||||
"Expected %lu, but snprintf returned %lu. The query: %s\n",
|
||||
query_len, should_be_written, query);
|
||||
return 0;
|
||||
access_t check_perm_access(const char *filename, struct process_info pi) {
|
||||
|
||||
char *query = NULL;
|
||||
int ret = asprintf(&query,
|
||||
"SELECT * FROM %s WHERE executable = \'%s\' "
|
||||
"AND filename = \'%s\' AND mode = TRUE;",
|
||||
table_name, pi.name, filename);
|
||||
|
||||
if (ret < 0) {
|
||||
// If asprintf fails, the contents of query are undefined (see man
|
||||
// asprintf). That does not explicitly rule out that query will be a valid
|
||||
// pointer. But the risk of freeing a non-allocated pointer is too much to
|
||||
// justify preparing for this.
|
||||
fprintf(stderr, "Could not create query on access check");
|
||||
perror("");
|
||||
return NDEF;
|
||||
}
|
||||
|
||||
char *sqlite_error = NULL;
|
||||
int flag = 0;
|
||||
int ret = sqlite3_exec(perm_database, query, set_flag, &flag, &sqlite_error);
|
||||
ret = sqlite3_exec(perm_database, query, set_flag, &flag, &sqlite_error);
|
||||
free((void *)query);
|
||||
if (ret != SQLITE_OK) {
|
||||
fprintf(stderr, "SQLite returned an error: %s\n", sqlite_error);
|
||||
sqlite3_free(sqlite_error);
|
||||
free(query);
|
||||
return 0;
|
||||
return NDEF;
|
||||
}
|
||||
|
||||
free(query);
|
||||
return flag;
|
||||
if (flag) {
|
||||
return ALLOW;
|
||||
}
|
||||
return NDEF;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -227,23 +234,23 @@ int check_perm_access(const char *filename, struct process_info pi) {
|
||||
* @return: 0 on success, 1 on failure
|
||||
*/
|
||||
int give_perm_access(const char *filename, struct process_info pi) {
|
||||
size_t query_len =
|
||||
30 + strlen(table_name) + strlen(filename) + strlen(pi.name);
|
||||
const char *query = malloc(query_len);
|
||||
size_t should_be_written =
|
||||
snprintf(query, query_len, "INSERT INTO %s VALUES (\'%s\', \'%s\');",
|
||||
table_name, pi.name, filename);
|
||||
// -1 for the \0
|
||||
if (should_be_written != query_len - 1) {
|
||||
fprintf(stderr,
|
||||
"Unexpected query size while permanent access rule insertion: "
|
||||
"Expected %lu, but snprintf returned %lu\n",
|
||||
query_len, should_be_written);
|
||||
char *query = NULL;
|
||||
int ret = asprintf(&query, "INSERT INTO %s VALUES (\'%s\', \'%s\', TRUE);",
|
||||
table_name, pi.name, filename);
|
||||
|
||||
if (ret < 0) {
|
||||
// If asprintf fails, the contents of query are undefined (see man
|
||||
// asprintf). That does not explicitly rule out that query will be a valid
|
||||
// pointer. But the risk of freeing a non-allocated pointer is too much to
|
||||
// justify preparing for this.
|
||||
fprintf(stderr, "Could not create query on rule insertion");
|
||||
perror("");
|
||||
return 1;
|
||||
}
|
||||
|
||||
char *sqlite_error = NULL;
|
||||
int ret = sqlite3_exec(perm_database, query, NULL, NULL, &sqlite_error);
|
||||
ret = sqlite3_exec(perm_database, query, NULL, NULL, &sqlite_error);
|
||||
free(query);
|
||||
if (ret != SQLITE_OK) {
|
||||
fprintf(stderr, "SQLite returned an error: %s\n", sqlite_error);
|
||||
sqlite3_free(sqlite_error);
|
||||
@@ -251,6 +258,5 @@ int give_perm_access(const char *filename, struct process_info pi) {
|
||||
return 1;
|
||||
}
|
||||
|
||||
free(query);
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -9,6 +9,7 @@
|
||||
#ifndef PERM_PERMISSION_TABLE_H
|
||||
#define PERM_PERMISSION_TABLE_H
|
||||
|
||||
#include "access_t.h"
|
||||
#include "process_info.h"
|
||||
|
||||
/**
|
||||
@@ -29,9 +30,10 @@ void destroy_perm_permissions_table();
|
||||
*
|
||||
* @param filename: The file that the process is trying to access
|
||||
* @pram pi: The process information
|
||||
* @return: 0 if access is denied, 1 if access is allowed
|
||||
* @return: access status - ALLOW, DENY or NDEF in case if no information was
|
||||
* found
|
||||
*/
|
||||
int check_perm_access(const char *filename, struct process_info pi);
|
||||
access_t check_perm_access(const char *filename, struct process_info pi);
|
||||
|
||||
/**
|
||||
* Gives permanent access to the process to the file.
|
||||
|
||||
7
src/real_filename.h
Normal file
7
src/real_filename.h
Normal file
@@ -0,0 +1,7 @@
|
||||
#ifndef REAL_FILENAME_H
|
||||
#define REAL_FILENAME_H
|
||||
|
||||
const char *real_filename(const char *filename);
|
||||
const char *get_mountpoint(void);
|
||||
|
||||
#endif // !REAL_FILENAME_H
|
||||
@@ -10,14 +10,14 @@
|
||||
|
||||
#include "sourcefs.h"
|
||||
#include <dirent.h>
|
||||
#include <errno.h>
|
||||
#include <fcntl.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/stat.h>
|
||||
#include <unistd.h>
|
||||
|
||||
static struct source_files_handle {
|
||||
const char *mountpoint;
|
||||
int root_fd;
|
||||
} handle;
|
||||
|
||||
@@ -30,6 +30,14 @@ const char *source_filename_translate(const char *filename) {
|
||||
}
|
||||
|
||||
int source_init(const char *root_path) {
|
||||
handle.mountpoint = malloc(strlen(root_path) + 1);
|
||||
if (handle.mountpoint == NULL) {
|
||||
perror("Malloc failed");
|
||||
return -1;
|
||||
}
|
||||
|
||||
strcpy(handle.mountpoint, root_path);
|
||||
|
||||
int root_fd = open(root_path, O_PATH);
|
||||
|
||||
if (root_fd == -1) {
|
||||
@@ -43,6 +51,32 @@ int source_init(const char *root_path) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
void source_destroy(void) { free(handle.mountpoint); }
|
||||
|
||||
const char *get_mountpoint(void) { return handle.mountpoint; }
|
||||
|
||||
const char *real_filename(const char *filename) {
|
||||
const char *mountpoint = get_mountpoint();
|
||||
// Calculate required length
|
||||
size_t len1 = strlen(mountpoint);
|
||||
size_t len2 = strlen(filename);
|
||||
size_t total_len = len1 + len2;
|
||||
|
||||
// Allocate memory (+1 for null terminator)
|
||||
char *result = malloc(total_len + 1);
|
||||
if (result == NULL) {
|
||||
fprintf(stderr, "Memory allocation failed");
|
||||
perror("");
|
||||
return NULL;
|
||||
}
|
||||
|
||||
// Copy strings
|
||||
strcpy(result, mountpoint);
|
||||
strcat(result, filename);
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
int source_mkdir(const char *filename, mode_t mode) {
|
||||
const char *relative_filename = source_filename_translate(filename);
|
||||
return mkdirat(handle.root_fd, relative_filename, mode);
|
||||
|
||||
@@ -19,6 +19,7 @@
|
||||
* @return 0 on success, -1 on failure.
|
||||
*/
|
||||
int source_init(const char *root_path);
|
||||
void source_destroy(void);
|
||||
|
||||
/* All of the functions below are designed to behave exactly as their non-source
|
||||
* counterparts. */
|
||||
|
||||
@@ -7,6 +7,7 @@
|
||||
*/
|
||||
|
||||
#include "temp_permissions_table.h"
|
||||
#include "access_t.h"
|
||||
#include "cc.h"
|
||||
#include "process_info.h"
|
||||
#include <pthread.h>
|
||||
@@ -18,6 +19,7 @@ struct temp_process_permissions {
|
||||
// proc_pid_stat(5))
|
||||
unsigned long long creation_time;
|
||||
vec(char *) allowed_files;
|
||||
vec(char *) denied_files;
|
||||
};
|
||||
|
||||
map(pid_t, struct temp_process_permissions) temp_permissions_table;
|
||||
@@ -33,8 +35,8 @@ pthread_mutex_t temp_permissions_table_lock;
|
||||
* never really equal to 0, it exceptionally unlikely.
|
||||
*/
|
||||
unsigned long long get_process_creation_time(pid_t pid) {
|
||||
char path[32];
|
||||
FILE *fp;
|
||||
char path[256];
|
||||
FILE *fp = NULL;
|
||||
unsigned long long creation_time = 0;
|
||||
|
||||
// Construct the path to the process's status file
|
||||
@@ -72,7 +74,7 @@ unsigned long long get_process_creation_time(pid_t pid) {
|
||||
*
|
||||
* @return: 0 on success, -1 on failure (e.g. ENOMEM)
|
||||
*/
|
||||
int init_temp_permissions_table() {
|
||||
int init_temp_permissions_table(void) {
|
||||
pthread_mutex_init(&temp_permissions_table_lock, PTHREAD_MUTEX_DEFAULT);
|
||||
init(&temp_permissions_table);
|
||||
return 0;
|
||||
@@ -81,14 +83,21 @@ int init_temp_permissions_table() {
|
||||
/**
|
||||
* Destroys the temporary permissions table.
|
||||
*
|
||||
* @note: the table is guranteed to be destroyed if it is already initialized
|
||||
* @note: the table is guranteed to be destroyed if it is already initialized.
|
||||
* It does not indicate any errors whatsoever. If something goes wrong - you are
|
||||
* screwed.
|
||||
*/
|
||||
void destroy_temp_permissions_table() {
|
||||
void destroy_temp_permissions_table(void) {
|
||||
// free the memory allocated for the table
|
||||
for_each(&temp_permissions_table, entry) {
|
||||
for_each(&entry->allowed_files, allowed_file) { free(*allowed_file); }
|
||||
cleanup(&entry->allowed_files);
|
||||
}
|
||||
for_each(&temp_permissions_table, entry) {
|
||||
for_each(&entry->denied_files, denied_file) { free(*denied_file); }
|
||||
cleanup(&entry->denied_files);
|
||||
}
|
||||
|
||||
cleanup(&temp_permissions_table);
|
||||
pthread_mutex_destroy(&temp_permissions_table_lock);
|
||||
}
|
||||
@@ -98,10 +107,10 @@ void destroy_temp_permissions_table() {
|
||||
*
|
||||
* @param filename: The file that the process is trying to access
|
||||
* @pram pid: PID of the process
|
||||
* @return: 0 if access is denied, 1 if access is allowed
|
||||
* @return: access status - ALLOW, DENY or NDEF in case if no information was
|
||||
* found is avaliable
|
||||
*/
|
||||
|
||||
int check_temp_access_noparent(const char *filename, pid_t pid) {
|
||||
access_t check_temp_access_noparent(const char *filename, pid_t pid) {
|
||||
// TODO: more efficient locking
|
||||
pthread_mutex_lock(&temp_permissions_table_lock);
|
||||
struct temp_process_permissions *permission_entry =
|
||||
@@ -111,22 +120,28 @@ int check_temp_access_noparent(const char *filename, pid_t pid) {
|
||||
if (process_creation_time == 0) {
|
||||
perror("Could not retrieve process creation time");
|
||||
pthread_mutex_unlock(&temp_permissions_table_lock);
|
||||
return 0;
|
||||
return NDEF;
|
||||
}
|
||||
|
||||
if (process_creation_time == permission_entry->creation_time) {
|
||||
// the process is the same as the one that was granted temporary access
|
||||
// to the file
|
||||
for_each(&permission_entry->denied_files, denied_file) {
|
||||
if (strncmp(*denied_file, filename, strlen(filename)) == 0) {
|
||||
pthread_mutex_unlock(&temp_permissions_table_lock);
|
||||
return DENY;
|
||||
}
|
||||
}
|
||||
for_each(&permission_entry->allowed_files, allowed_file) {
|
||||
if (strncmp(*allowed_file, filename, strlen(filename)) == 0) {
|
||||
pthread_mutex_unlock(&temp_permissions_table_lock);
|
||||
return 1;
|
||||
return ALLOW;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
pthread_mutex_unlock(&temp_permissions_table_lock);
|
||||
return 0;
|
||||
return NDEF;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -165,31 +180,36 @@ pid_t get_parent_pid(pid_t pid) {
|
||||
*
|
||||
* @param filename: The file that the process is trying to access
|
||||
* @pram pi: The process information
|
||||
* @return: 0 if access is denied, 1 if access is allowed
|
||||
* @return: access status - ALLOW, DENY or NDEF in case if no information was
|
||||
* found. Does not return ALLOW_TEMP.
|
||||
* @note: In case one of the parent processes is killed while this function
|
||||
* execution the result is not guranteed to be correct. It should only lead to
|
||||
* false negatives, though.
|
||||
*/
|
||||
int check_temp_access(const char *filename, struct process_info pi) {
|
||||
access_t check_temp_access(const char *filename, struct process_info pi) {
|
||||
pid_t current_pid = pi.PID;
|
||||
while (current_pid != 0) {
|
||||
if (check_temp_access_noparent(filename, current_pid)) {
|
||||
return 1;
|
||||
access_t access = check_temp_access_noparent(filename, current_pid);
|
||||
if (access != NDEF) {
|
||||
return access;
|
||||
}
|
||||
current_pid = get_parent_pid(current_pid);
|
||||
}
|
||||
|
||||
return 0;
|
||||
return NDEF;
|
||||
}
|
||||
|
||||
/**
|
||||
* Gives temporary access to the process to the file.
|
||||
* Sets temporary access mode of the process to the file.
|
||||
*
|
||||
* @param filename: The file that the process is trying to access
|
||||
* @param pi: The process information
|
||||
* @return: 0 on success, -1 on failure (e.g. ENOMEM)
|
||||
* @param mode: Kind of access rule to be set - SET_DENY to deny access, and
|
||||
* SET_ALLOW to allow access.
|
||||
* @return: 0 on success, -1 on failure.
|
||||
*/
|
||||
int give_temp_access(const char *filename, struct process_info pi) {
|
||||
int set_temp_access(const char *filename, struct process_info pi,
|
||||
set_mode_t mode) {
|
||||
pthread_mutex_lock(&temp_permissions_table_lock);
|
||||
struct temp_process_permissions *permission_entry =
|
||||
get(&temp_permissions_table, pi.PID);
|
||||
@@ -207,7 +227,13 @@ int give_temp_access(const char *filename, struct process_info pi) {
|
||||
if (process_creation_time == permission_entry->creation_time) {
|
||||
// the process is the same as the one that was granted temporary access
|
||||
// to the file
|
||||
push(&permission_entry->allowed_files, strdup(filename));
|
||||
if (mode == SET_ALLOW) {
|
||||
push(&permission_entry->allowed_files, strdup(filename));
|
||||
}
|
||||
if (mode == SET_DENY) {
|
||||
push(&permission_entry->denied_files, strdup(filename));
|
||||
}
|
||||
|
||||
pthread_mutex_unlock(&temp_permissions_table_lock);
|
||||
return 0;
|
||||
}
|
||||
@@ -223,7 +249,13 @@ int give_temp_access(const char *filename, struct process_info pi) {
|
||||
|
||||
new_permission_entry.creation_time = get_process_creation_time(pi.PID);
|
||||
init(&new_permission_entry.allowed_files);
|
||||
push(&new_permission_entry.allowed_files, strdup(filename));
|
||||
init(&new_permission_entry.denied_files);
|
||||
if (mode == SET_ALLOW) {
|
||||
push(&new_permission_entry.allowed_files, strdup(filename));
|
||||
}
|
||||
if (mode == SET_DENY) {
|
||||
push(&new_permission_entry.denied_files, strdup(filename));
|
||||
}
|
||||
|
||||
insert(&temp_permissions_table, pi.PID, new_permission_entry);
|
||||
|
||||
|
||||
@@ -2,6 +2,7 @@
|
||||
#ifndef TEMP_PERMISSIONS_TABLE_H
|
||||
#define TEMP_PERMISSIONS_TABLE_H
|
||||
|
||||
#include "access_t.h"
|
||||
#include "process_info.h"
|
||||
|
||||
/**
|
||||
@@ -9,31 +10,43 @@
|
||||
*
|
||||
* @return: 0 on success, -1 on failure (e.g. ENOMEM)
|
||||
*/
|
||||
int init_temp_permissions_table();
|
||||
int init_temp_permissions_table(void);
|
||||
|
||||
/**
|
||||
* Destroys the temporary permissions table.
|
||||
*
|
||||
* @note: the table is guranteed to be destroyed if it is already initialized
|
||||
* @note: the table is guranteed to be destroyed if it is already initialized.
|
||||
* It does not indicate any errors whatsoever. If something goes wrong - you are
|
||||
* screwed.
|
||||
*/
|
||||
void destroy_temp_permissions_table();
|
||||
void destroy_temp_permissions_table(void);
|
||||
|
||||
/**
|
||||
* Checks if the process has a temporary access to the file.
|
||||
* Checks if the process or any of it's parents have temporary access to the
|
||||
* file.
|
||||
*
|
||||
* @param filename: The file that the process is trying to access
|
||||
* @pram pi: The process information
|
||||
* @return: access status - ALLOW, DENY or NDEF in case if no information was
|
||||
* found. Does not return ALLOW_TEMP.
|
||||
* @note: In case one of the parent processes is killed while this function
|
||||
* execution the result is not guranteed to be correct. It should only lead to
|
||||
* false negatives, though.
|
||||
*/
|
||||
access_t check_temp_access(const char *filename, struct process_info pi);
|
||||
|
||||
typedef enum { SET_DENY, SET_ALLOW } set_mode_t;
|
||||
|
||||
/**
|
||||
* Sets temporary access mode of the process to the file.
|
||||
*
|
||||
* @param filename: The file that the process is trying to access
|
||||
* @param pi: The process information
|
||||
* @return: 0 if access is denied, 1 if access is allowed
|
||||
* @param mode: Kind of access rule to be set - SET_DENY to deny access, and
|
||||
* SET_ALLOW to allow access.
|
||||
* @return: 0 on success, -1 on failure.
|
||||
*/
|
||||
int check_temp_access(const char *filename, struct process_info pi);
|
||||
|
||||
/**
|
||||
* Gives temporary access to the process to the file.
|
||||
*
|
||||
* @param filename: The file that the process is trying to access
|
||||
* @param pi: The process information
|
||||
* @return: 0 on success, -1 on failure (e.g. ENOMEM)
|
||||
*/
|
||||
int give_temp_access(const char *filename, struct process_info pi);
|
||||
int set_temp_access(const char *filename, struct process_info pi,
|
||||
set_mode_t mode);
|
||||
|
||||
#endif // !TEMP_PERMISSIONS_TABLE_H
|
||||
|
||||
@@ -6,11 +6,13 @@
|
||||
See the file LICENSE.
|
||||
*/
|
||||
|
||||
#include "access_t.h"
|
||||
#include <stddef.h>
|
||||
#include <sys/types.h>
|
||||
#include <time.h>
|
||||
#define _GNU_SOURCE
|
||||
#include "perm_permissions_table.h"
|
||||
#include "real_filename.h"
|
||||
#include "temp_permissions_table.h"
|
||||
#include "ui-socket.h"
|
||||
#include <pthread.h>
|
||||
@@ -58,19 +60,28 @@ void destroy_ui_socket(void) {
|
||||
*
|
||||
* @param filename: The file that the process is trying to access
|
||||
* @param pi: The process information
|
||||
* @return: 0 if access is denied, 1 if access is allowed, 2 if access is
|
||||
* @return: access status - ALLOW, DENY or ALLOW_TEMP
|
||||
* allowed for the runtime of the process
|
||||
*/
|
||||
int ask_access(const char *filename, struct process_info proc_info) {
|
||||
access_t ask_access(const char *filename, struct process_info proc_info) {
|
||||
FILE *fp = NULL;
|
||||
size_t command_len =
|
||||
139 + sizeof(pid_t) * 8 + strlen(proc_info.name) + strlen(filename);
|
||||
char *command = (char *)malloc(command_len);
|
||||
snprintf(command, command_len,
|
||||
"zenity --question --extra-button \"Allow this time\" --title "
|
||||
"\"Allow Access?\" --text \"Allow process "
|
||||
"<tt>%s</tt> with PID <tt>%d</tt> to access <tt>%s</tt>\"",
|
||||
proc_info.name, proc_info.PID, filename);
|
||||
char *command = NULL;
|
||||
int ret =
|
||||
asprintf(&command,
|
||||
"zenity --question --extra-button \"Allow this time\" --title "
|
||||
"\"Allow Access?\" --text \"Allow process "
|
||||
"<tt>%s</tt> with PID <tt>%d</tt> to access <tt>%s</tt>\"",
|
||||
proc_info.name, proc_info.PID, filename, get_mountpoint());
|
||||
|
||||
if (ret < 0) {
|
||||
// If asprintf fails, the contents of command are undefined (see man
|
||||
// asprintf). That does not explicitly rule out that command will be a valid
|
||||
// pointer. But the risk of freeing a non-allocated pointer is too much to
|
||||
// justify preparing for this.
|
||||
fprintf(stderr, "Could not create query on rule insertion");
|
||||
perror("");
|
||||
return 1;
|
||||
}
|
||||
|
||||
// Zenity Question Message Popup
|
||||
fp = popen(command, "r");
|
||||
@@ -78,7 +89,7 @@ int ask_access(const char *filename, struct process_info proc_info) {
|
||||
|
||||
if (fp == NULL) {
|
||||
perror("Pipe returned a error");
|
||||
return -1;
|
||||
return DENY;
|
||||
}
|
||||
|
||||
// if the user clicks the "Allow this time" button, `zenity` will only
|
||||
@@ -89,7 +100,7 @@ int ask_access(const char *filename, struct process_info proc_info) {
|
||||
printf("%s", buffer);
|
||||
if (strcmp(buffer, ZENITY_TEMP_ALLOW_MESSAGE) == 0) {
|
||||
pclose(fp);
|
||||
return 2;
|
||||
return ALLOW_TEMP;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -97,10 +108,10 @@ int ask_access(const char *filename, struct process_info proc_info) {
|
||||
fprintf(stderr, "zenity returned %d\n", zenity_exit_code);
|
||||
// zenity returns 1 on "No" >:(
|
||||
if (zenity_exit_code == 0) {
|
||||
return 1;
|
||||
return ALLOW;
|
||||
}
|
||||
|
||||
return 0;
|
||||
return DENY;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -116,38 +127,62 @@ int ask_access(const char *filename, struct process_info proc_info) {
|
||||
*/
|
||||
int interactive_access(const char *filename, struct process_info proc_info,
|
||||
int opts) {
|
||||
char *real_path = real_filename(filename);
|
||||
|
||||
if (check_temp_access(filename, proc_info) ||
|
||||
check_perm_access(filename, proc_info)) {
|
||||
// access was already granted before
|
||||
access_t access = check_temp_access(real_path, proc_info);
|
||||
if (access == ALLOW) {
|
||||
free(real_path);
|
||||
return 1;
|
||||
}
|
||||
if (access == DENY) {
|
||||
free(real_path);
|
||||
return 0;
|
||||
}
|
||||
|
||||
access = check_perm_access(real_path, proc_info);
|
||||
if (access == ALLOW) {
|
||||
free(real_path);
|
||||
return 1;
|
||||
}
|
||||
if (access == DENY) {
|
||||
free(real_path);
|
||||
return 0;
|
||||
}
|
||||
|
||||
// if noth GRANT_TEMP and GRANT_PERM are selected, then only permanent
|
||||
// permissions are granted
|
||||
|
||||
if (opts & GRANT_PERM) {
|
||||
give_perm_access(filename, proc_info);
|
||||
give_perm_access(real_path, proc_info);
|
||||
free(real_path);
|
||||
return 1;
|
||||
}
|
||||
if (opts & GRANT_TEMP) {
|
||||
give_temp_access(filename, proc_info);
|
||||
set_temp_access(real_path, proc_info, SET_ALLOW);
|
||||
free(real_path);
|
||||
return 1;
|
||||
}
|
||||
|
||||
int user_response = ask_access(filename, proc_info);
|
||||
if (user_response == 1) {
|
||||
// user said "yes"
|
||||
give_perm_access(filename, proc_info);
|
||||
access_t user_response = ask_access(real_path, proc_info);
|
||||
if (user_response == ALLOW) {
|
||||
give_perm_access(real_path, proc_info);
|
||||
free(real_path);
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (user_response == 2) {
|
||||
// user said "yes, but only this time"
|
||||
give_temp_access(filename, proc_info);
|
||||
if (user_response == ALLOW_TEMP) {
|
||||
set_temp_access(real_path, proc_info, SET_ALLOW);
|
||||
free(real_path);
|
||||
return 1;
|
||||
}
|
||||
|
||||
// otherwise "no"
|
||||
if (user_response == DENY) {
|
||||
set_temp_access(real_path, proc_info, SET_DENY);
|
||||
free(real_path);
|
||||
return 0;
|
||||
}
|
||||
|
||||
free(real_path);
|
||||
// deny on unknown options.
|
||||
return 0;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user