Index: libsandbox.c =================================================================== RCS file: /var/cvsroot/gentoo-src/portage/src/sandbox-1.1/libsandbox.c,v retrieving revision 1.22 retrieving revision 1.22.2.1 diff -u -r1.22 -r1.22.2.1 --- libsandbox.c 10 Oct 2004 10:07:21 -0000 1.22 +++ libsandbox.c 3 Nov 2004 13:12:55 -0000 1.22.2.1 @@ -25,7 +25,7 @@ * as some of the InstallWatch code was used. * * - * $Header: /var/cvsroot/gentoo-src/portage/src/sandbox-1.1/libsandbox.c,v 1.22 2004/10/10 10:07:21 carpaski Exp $ + * $Header: /var/cvsroot/gentoo-src/portage/src/sandbox-1.1/libsandbox.c,v 1.22.2.1 2004/11/03 13:12:55 ferringb Exp $ * */ @@ -1180,10 +1180,8 @@ } else { tmp_buffer = (char *) malloc(SB_PATH_MAX * sizeof (char)); egetcwd(tmp_buffer, SB_PATH_MAX - 1); - absolute_path = (char *) malloc((strlen(tmp_buffer) + 1 + strlen(file) + 1) - * sizeof (char)); + absolute_path = (char *) malloc((strlen(tmp_buffer) + 1 + strlen(file) + 1) * sizeof (char)); sprintf(absolute_path, "%s/%s", tmp_buffer, file); - if (tmp_buffer) free(tmp_buffer); tmp_buffer = NULL; 
@@ -1208,23 +1206,30 @@ if (NULL != log_path) { sprintf(buffer, "%s:%*s%s\n", func, (int) (10 - strlen(func)), "", absolute_path); - + // log_path somehow gets corrupted. figuring out why would be good. + char *dpath = strdup(log_path); if ((0 == lstat(log_path, &log_stat)) && (0 == S_ISREG(log_stat.st_mode)) ) { fprintf(stderr, - "\e[31;01mSECURITY BREACH\033[0m %s already exists and is not a regular file.\n", - log_path); + "\e[31;01mSECURITY BREACH\033[0m %s already exists and is not a regular file.\n", + dpath); + } else if (0 == check_access(sbcontext, "open_wr", dpath)) { + unsetenv("SANDBOX_LOG"); + fprintf(stderr, + "\e[31;01mSECURITY BREACH\033[0m SANDBOX_LOG %s isn't allowed via SANDBOX_WRITE\n", + dpath); } else { - log_file = true_open(log_path, - O_APPEND | O_WRONLY - | O_CREAT, - S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH); + log_file = true_open(dpath, + O_APPEND | O_WRONLY + | O_CREAT, + S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH); if (log_file >= 0) { write(log_file, buffer, strlen(buffer)); close(log_file); } } + free(dpath); } } 
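Review bot: The result of `strdup(log_path)` is used unchecked, so on allocation failure a NULL `dpath` reaches `check_access`, `true_open` and the `%s` in `fprintf`; the logging should be skipped when `dpath` is NULL. The same applies to `strdup(debug_log_path)` in the debug-log hunk that follows. The regular-file test still calls `lstat(log_path, &log_stat)` while the open uses `dpath`, so if the original string really is being overwritten, the check and the open can refer to different paths; `lstat(dpath, &log_stat)` keeps them on one string. The lstat-then-open sequence also leaves a window in which the path can be swapped for a symlink, so consider adding `O_NOFOLLOW` to the open flags and re-checking `S_ISREG` with `fstat` on `log_file` before writing. The enclosing function starts and ends outside this hunk.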
@@ -1234,28 +1239,36 @@ if (0 != strncmp(absolute_path, debug_log_path, strlen(debug_log_path))) { sprintf(buffer, "%s:%*s%s\n", func, (int) (10 - strlen(func)), "", absolute_path); - + //debug_log_path somehow gets corupted, same thing as log_path above. + char *dpath = strdup(debug_log_path); if ((0 == lstat(debug_log_path, &debug_log_stat)) && (0 == S_ISREG(debug_log_stat.st_mode)) ) { fprintf(stderr, - "\e[31;01mSECURITY BREACH\033[0m %s already exists and is not a regular file.\n", - log_path); - } else { + "\e[31;01mSECURITY BREACH\033[0m %s already exists and is not a regular file.\n", + debug_log_path); + } else if (0 == check_access(sbcontext, "open_wr", dpath)) { + unsetenv("SANDBOX_DEBUG"); + unsetenv("SANDBOX_DEBUG_LOG"); + fprintf(stderr, + "\e[31;01mSECURITY BREACH\033[0m SANDBOX_DEBUG_LOG %s isn't allowed by SANDBOX_WRITE.\n", + dpath); + } else { debug_log_file = - true_open(debug_log_path, - O_APPEND | O_WRONLY | - O_CREAT, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH); + true_open(dpath, + O_APPEND | O_WRONLY | + O_CREAT, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH); if (debug_log_file >= 0) { write(debug_log_file, buffer, strlen(buffer)); close(debug_log_file); } } + free(dpath); } } else { fprintf(stderr, - "\e[32;01mACCESS ALLOWED\033[0m %s:%*s%s\n", - func, (int) (10 - strlen(func)), "", absolute_path); + "\e[32;01mACCESS ALLOWED\033[0m %s:%*s%s\n", + func, (int) (10 - strlen(func)), "", absolute_path); } }
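Review bot: The not-a-regular-file branch prints `debug_log_path`, the string the added comment says gets corrupted, whereas the matching branch in the SANDBOX_LOG hunk prints the `dpath` copy. Using `dpath` in both the `lstat` call and this `fprintf` would keep the check, the message and the open on the same string. The copy is only a workaround for whatever overwrites the path, so the comment would serve better as a tracked marker such as `/* FIXME: debug_log_path is overwritten somewhere; strdup is a workaround, root cause unknown */`. The two denial messages also differ in wording (`via SANDBOX_WRITE` against `by SANDBOX_WRITE.`), which makes them harder to match in logs. The enclosing function starts outside this hunk.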