
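--- a/libsandbox.c
+++ b/libsandbox.c
@@ -25,7 +25,7 @@
  *  as some of the InstallWatch code was used.
  *
  *
- *  $Header: /var/cvsroot/gentoo-src/portage/src/sandbox-1.1/libsandbox.c,v 1.22 2004/10/10 10:07:21 carpaski Exp $
+ *  $Header: /var/cvsroot/gentoo-src/portage/src/sandbox-1.1/libsandbox.c,v 1.22.2.1 2004/11/03 13:12:55 ferringb Exp $
  *
  */
 
@@ -1180,10 +1180,8 @@
 	} else {
 		tmp_buffer = (char *) malloc(SB_PATH_MAX * sizeof (char));
 		egetcwd(tmp_buffer, SB_PATH_MAX - 1);
-		absolute_path = (char *) malloc((strlen(tmp_buffer) + 1 + strlen(file) + 1)
-																		* sizeof (char));
+		absolute_path = (char *) malloc((strlen(tmp_buffer) + 1 + strlen(file) + 1) * sizeof (char));
 		sprintf(absolute_path, "%s/%s", tmp_buffer, file);
-
 		if (tmp_buffer)
 			free(tmp_buffer);
 		tmp_buffer = NULL;
@@ -1208,23 +1206,30 @@
 			if (NULL != log_path) {
 				sprintf(buffer, "%s:%*s%s\n", func, (int) (10 - strlen(func)), "",
 								absolute_path);
-
+				// log_path somehow gets corrupted.  figuring out why would be good.
+				char *dpath = strdup(log_path);
 				if ((0 == lstat(log_path, &log_stat))
 						&& (0 == S_ISREG(log_stat.st_mode))
 						) {
 					fprintf(stderr,
-									"\e[31;01mSECURITY BREACH\033[0m  %s already exists and is not a regular file.\n",
-									log_path);
+						"\e[31;01mSECURITY BREACH\033[0m  %s already exists and is not a regular file.\n",
+						dpath);
+				} else if (0 == check_access(sbcontext, "open_wr", dpath)) {
+					unsetenv("SANDBOX_LOG");
+					fprintf(stderr,
+						"\e[31;01mSECURITY BREACH\033[0m SANDBOX_LOG %s isn't allowed via SANDBOX_WRITE\n",
+						dpath);
 				} else {
-					log_file = true_open(log_path,
-															 O_APPEND | O_WRONLY
-															 | O_CREAT,
-															 S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
+					log_file = true_open(dpath,
+						 O_APPEND | O_WRONLY
+						 | O_CREAT,
+						 S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
 					if (log_file >= 0) {
 						write(log_file, buffer, strlen(buffer));
 						close(log_file);
 					}
 				}
+				free(dpath);
 			}
 		}
 
@@ -1234,28 +1239,36 @@
 			if (0 != strncmp(absolute_path, debug_log_path, strlen(debug_log_path))) {
 				sprintf(buffer, "%s:%*s%s\n", func, (int) (10 - strlen(func)), "",
 								absolute_path);
-
+				//debug_log_path somehow gets corupted, same thing as log_path above.
+				char *dpath = strdup(debug_log_path);
 				if ((0 == lstat(debug_log_path, &debug_log_stat))
 						&& (0 == S_ISREG(debug_log_stat.st_mode))
 						) {
 					fprintf(stderr,
-									"\e[31;01mSECURITY BREACH\033[0m  %s already exists and is not a regular file.\n",
-									log_path);
-				} else {
+						"\e[31;01mSECURITY BREACH\033[0m  %s already exists and is not a regular file.\n",
+						debug_log_path);
+				} else if (0 == check_access(sbcontext, "open_wr", dpath)) {
+					unsetenv("SANDBOX_DEBUG");
+					unsetenv("SANDBOX_DEBUG_LOG");
+					fprintf(stderr,
+						"\e[31;01mSECURITY BREACH\033[0m  SANDBOX_DEBUG_LOG %s isn't allowed by SANDBOX_WRITE.\n",
+						dpath);
+				} else {					
 					debug_log_file =
-							true_open(debug_log_path,
-												O_APPEND | O_WRONLY |
-												O_CREAT, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
+						true_open(dpath,
+							O_APPEND | O_WRONLY |
+							O_CREAT, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
 					if (debug_log_file >= 0) {
 						write(debug_log_file, buffer, strlen(buffer));
 						close(debug_log_file);
 					}
 				}
+				free(dpath);
 			}
 		} else {
 			fprintf(stderr,
-							"\e[32;01mACCESS ALLOWED\033[0m %s:%*s%s\n",
-							func, (int) (10 - strlen(func)), "", absolute_path);
+				"\e[32;01mACCESS ALLOWED\033[0m %s:%*s%s\n",
+				func, (int) (10 - strlen(func)), "", absolute_path);
 		}
 	}
 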
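Review bot: In the SANDBOX_LOG block the non-regular-file test still calls `lstat(log_path, &log_stat)` while `check_access` and `true_open` now use the `dpath` copy, so the check and the open can see different strings if `log_path` really is being corrupted, and the `strdup` result is used without a NULL test. I would run all three calls on the copy and skip logging when the copy fails, e.g. `if (NULL != dpath && 0 == lstat(dpath, &log_stat) && 0 == S_ISREG(log_stat.st_mode))` with a separate early branch for `NULL == dpath`; the SANDBOX_DEBUG_LOG block has the same shape with `debug_log_path`. Separately, the lstat-then-open sequence leaves a window in which the path can be swapped for a symlink before `true_open` runs, and adding `O_NOFOLLOW` to the `O_APPEND | O_WRONLY | O_CREAT` flags would refuse a symlink in the final path component. The enclosing function starts and ends outside the hunks shown, so the size of `buffer` used by the `sprintf` calls cannot be checked from here.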
