author | Brian Harring <ferringb@gentoo.org> | 2004-11-03 13:15:59 +0000 |
---|---|---|
committer | Brian Harring <ferringb@gentoo.org> | 2004-11-03 13:15:59 +0000 |
commit | 5873c8ab4580ca0b2857443bf0b084fc06ba39d5 (patch) | |
tree | ac9a0937767dec0c609cddb81702e9ea278f52be /src | |
parent | paren_reduce was returning a tuple instead of a list, pissing off use_reduce ... (diff) | |
futils fix from bug #65201 via solar, and libsandbox log path checks via #69137
Diffstat (limited to 'src')
-rw-r--r-- | src/sandbox-1.1/ChangeLog | 5 | ||||
-rw-r--r-- | src/sandbox-1.1/libsandbox.c | 53 | ||||
-rw-r--r-- | src/sandbox-1.1/sandbox_futils.c | 19 |
3 files changed, 42 insertions, 35 deletions
diff --git a/src/sandbox-1.1/ChangeLog b/src/sandbox-1.1/ChangeLog index c59cdd3..394fddf 100644 --- a/src/sandbox-1.1/ChangeLog +++ b/src/sandbox-1.1/ChangeLog @@ -1,6 +1,9 @@ # ChangeLog for Path Sandbox # Copyright 1999-2004 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /local/data/ulm/cvs/history/var/cvsroot/gentoo-src/portage/src/sandbox-1.1/Attic/ChangeLog,v 1.37 2004/10/04 14:08:46 vapier Exp $ +# $Header: /local/data/ulm/cvs/history/var/cvsroot/gentoo-src/portage/src/sandbox-1.1/Attic/ChangeLog,v 1.38 2004/11/03 13:15:59 ferringb Exp $ + + 03 Nov 2004; Brian Harring <ferringb@gentoo.org> libsandbox.c, sandbox_futils.c: + futils fix from bug #65201 via solar, and libsandbox log path checks via #69137 02 Aug 2004; Nicholas Jones <carpaski@gentoo.org> libsandbox.c: Code from Seth Robertson that tracked down all adjuct flags for read operations that diff --git a/src/sandbox-1.1/libsandbox.c b/src/sandbox-1.1/libsandbox.c index 34aeb1c..8a8fbe3 100644 --- a/src/sandbox-1.1/libsandbox.c +++ b/src/sandbox-1.1/libsandbox.c @@ -25,7 +25,7 @@ * as some of the InstallWatch code was used. * * - * $Header: /local/data/ulm/cvs/history/var/cvsroot/gentoo-src/portage/src/sandbox-1.1/Attic/libsandbox.c,v 1.22 2004/10/10 10:07:21 carpaski Exp $ + * $Header: /local/data/ulm/cvs/history/var/cvsroot/gentoo-src/portage/src/sandbox-1.1/Attic/libsandbox.c,v 1.23 2004/11/03 13:15:59 ferringb Exp $ * */ @@ -1180,10 +1180,8 @@ check_syscall(sbcontext_t * sbcontext, const char *func, const char *file) } else { tmp_buffer = (char *) malloc(SB_PATH_MAX * sizeof (char)); egetcwd(tmp_buffer, SB_PATH_MAX - 1); - absolute_path = (char *) malloc((strlen(tmp_buffer) + 1 + strlen(file) + 1) - * sizeof (char)); + absolute_path = (char *) malloc((strlen(tmp_buffer) + 1 + strlen(file) + 1) * sizeof (char)); sprintf(absolute_path, "%s/%s", tmp_buffer, file); - if (tmp_buffer) free(tmp_buffer); tmp_buffer = NULL; 
@@ -1208,23 +1206,30 @@ check_syscall(sbcontext_t * sbcontext, const char *func, const char *file) if (NULL != log_path) { sprintf(buffer, "%s:%*s%s\n", func, (int) (10 - strlen(func)), "", absolute_path); - + // log_path somehow gets corrupted. figuring out why would be good. + char *dpath = strdup(log_path); if ((0 == lstat(log_path, &log_stat)) && (0 == S_ISREG(log_stat.st_mode)) ) { fprintf(stderr, - "\e[31;01mSECURITY BREACH\033[0m %s already exists and is not a regular file.\n", - log_path); + "\e[31;01mSECURITY BREACH\033[0m %s already exists and is not a regular file.\n", + dpath); + } else if (0 == check_access(sbcontext, "open_wr", dpath)) { + unsetenv("SANDBOX_LOG"); + fprintf(stderr, + "\e[31;01mSECURITY BREACH\033[0m SANDBOX_LOG %s isn't allowed via SANDBOX_WRITE\n", + dpath); } else { - log_file = true_open(log_path, - O_APPEND | O_WRONLY - | O_CREAT, - S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH); + log_file = true_open(dpath, + O_APPEND | O_WRONLY + | O_CREAT, + S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH); if (log_file >= 0) { write(log_file, buffer, strlen(buffer)); close(log_file); } } + free(dpath); } } 
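Review bot: The regular-file test and the open are still two separate path lookups: `lstat()` inspects `log_path`, then `true_open()` opens the copy `dpath` with `O_APPEND | O_WRONLY | O_CREAT`, so a path that was absent or a regular file at the check can be a symlink by the time it is opened. Adding `O_NOFOLLOW` to the flags, `O_APPEND | O_WRONLY | O_CREAT | O_NOFOLLOW`, and confirming `S_ISREG` with `fstat()` on the returned descriptor would bind the check to the file that is actually written. `strdup(log_path)` is also used unchecked, so a failed allocation passes NULL to `check_access()` and `true_open()`; wrapping the block in `if (NULL != dpath)` avoids that. The `SANDBOX_DEBUG_LOG` hunk that follows has both problems as well. check_syscall's body starts and ends outside the hunk.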
@@ -1234,28 +1239,36 @@ check_syscall(sbcontext_t * sbcontext, const char *func, const char *file) if (0 != strncmp(absolute_path, debug_log_path, strlen(debug_log_path))) { sprintf(buffer, "%s:%*s%s\n", func, (int) (10 - strlen(func)), "", absolute_path); - + //debug_log_path somehow gets corupted, same thing as log_path above. + char *dpath = strdup(debug_log_path); if ((0 == lstat(debug_log_path, &debug_log_stat)) && (0 == S_ISREG(debug_log_stat.st_mode)) ) { fprintf(stderr, - "\e[31;01mSECURITY BREACH\033[0m %s already exists and is not a regular file.\n", - log_path); - } else { + "\e[31;01mSECURITY BREACH\033[0m %s already exists and is not a regular file.\n", + debug_log_path); + } else if (0 == check_access(sbcontext, "open_wr", dpath)) { + unsetenv("SANDBOX_DEBUG"); + unsetenv("SANDBOX_DEBUG_LOG"); + fprintf(stderr, + "\e[31;01mSECURITY BREACH\033[0m SANDBOX_DEBUG_LOG %s isn't allowed by SANDBOX_WRITE.\n", + dpath); + } else { debug_log_file = - true_open(debug_log_path, - O_APPEND | O_WRONLY | - O_CREAT, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH); + true_open(dpath, + O_APPEND | O_WRONLY | + O_CREAT, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH); if (debug_log_file >= 0) { write(debug_log_file, buffer, strlen(buffer)); close(debug_log_file); } } + free(dpath); } } else { fprintf(stderr, - "\e[32;01mACCESS ALLOWED\033[0m %s:%*s%s\n", - func, (int) (10 - strlen(func)), "", absolute_path); + "\e[32;01mACCESS ALLOWED\033[0m %s:%*s%s\n", + func, (int) (10 - strlen(func)), "", absolute_path); } } diff --git a/src/sandbox-1.1/sandbox_futils.c b/src/sandbox-1.1/sandbox_futils.c index 98dca9c..9653919 100644 --- a/src/sandbox-1.1/sandbox_futils.c +++ b/src/sandbox-1.1/sandbox_futils.c 
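Review bot: The copy `dpath` exists because, per the added comment, `debug_log_path` gets corrupted, yet the file-type test `lstat(debug_log_path, &debug_log_stat)` and the "already exists and is not a regular file" message still read the original pointer, while `check_access()` and `true_open()` use the copy. If the original really can change, the type check may not describe the path that is then opened; using the copy throughout, `lstat(dpath, &debug_log_stat)` and `dpath` in the first `fprintf`, keeps all three steps on one string (the `log_path` hunk above has the same `lstat()` on the original). The copy hides a memory-safety problem rather than fixing it, so the comment would read better as `/* FIXME: workaround, debug_log_path is overwritten somewhere; root cause not yet found */`. check_syscall's body starts and ends outside the hunk.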
@@ -3,7 +3,7 @@ * Distributed under the terms of the GNU General Public License, v2 or later * Author: Brad House <brad@mainstreetsoftworks.com> * - * $Header: /local/data/ulm/cvs/history/var/cvsroot/gentoo-src/portage/src/sandbox-1.1/Attic/sandbox_futils.c,v 1.11 2004/10/19 04:58:42 carpaski Exp $ + * $Header: /local/data/ulm/cvs/history/var/cvsroot/gentoo-src/portage/src/sandbox-1.1/Attic/sandbox_futils.c,v 1.12 2004/11/03 13:15:59 ferringb Exp $ * */ @@ -102,26 +102,17 @@ char * get_sandbox_log() { char path[255]; - char pid_string[20]; char *sandbox_log_env = NULL; - sprintf(pid_string, "%d", getpid()); - - memset(path, 0 , sizeof(path)); - strncpy(path, LOG_FILE_PREFIX, sizeof(path)-1); - /* THIS CHUNK BREAK THINGS BY DOING THIS: * SANDBOX_LOG=/tmp/sandbox-app-admin/superadduser-1.0.7-11063.log */ sandbox_log_env = getenv(ENV_SANDBOX_LOG); - if (sandbox_log_env) { - strncat(path, sandbox_log_env, sizeof(path)-1); - strncat(path, "-", sizeof(path)-1); - } - - strncat(path, pid_string, sizeof(path)-1); - strncat(path, LOG_FILE_EXT, sizeof(path)-1); + snprintf(path, sizeof(path)-1, "%s%s%s%d%s", LOG_FILE_PREFIX, + ( sandbox_log_env == NULL ? "" : sandbox_log_env ), + ( sandbox_log_env == NULL ? "" : "-" ), + getpid(), LOG_FILE_EXT); return (strdup(path)); } |
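Review bot: The return value of the new `snprintf()` in get_sandbox_log() is not checked, so when the `ENV_SANDBOX_LOG` value taken from the environment is long enough to fill the 255-byte `path`, the name is silently truncated and the pid and `LOG_FILE_EXT` suffix drop off the returned log path. Making truncation explicit would be `int n = snprintf(path, sizeof(path), ...);` followed by `if (n < 0 || (size_t)n >= sizeof(path)) return NULL;`; whether callers accept NULL is not visible here and should be confirmed, although `strdup()` can already return NULL. The `sizeof(path)-1` bound is unnecessary, since snprintf() already keeps room for the terminator within the size it is given. The leftover comment "THIS CHUNK BREAK THINGS BY DOING THIS" now sits above code it no longer describes and should be updated or dropped.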