Main Page | Class List | Directories | File List | Class Members | File Members
src

pike_security.h

Go to the documentation of this file.
00001 /*
00002 || This file is part of Pike. For copyright information see COPYRIGHT.
00003 || Pike is distributed under GPL, LGPL and MPL. See the file COPYING
00004 || for more information.
00005 || $Id: pike_security.h,v 1.20 2004/06/30 00:22:22 nilsson Exp $
00006 */
00007 
00008 #include "global.h"
00009 
00010 #ifndef SECURITY_H
00011 #define SECURITY_H
00012 
00013 #ifdef PIKE_SECURITY
00014 #include "object.h"
00015 
00016 #define SECURITY_BIT_INDEX 1      /* index read-only */
00017 #define SECURITY_BIT_SET_INDEX 2  /* set index */
00018 #define SECURITY_BIT_CALL 4       /* call functions (and clone?) */
00019 #define SECURITY_BIT_SECURITY 8   /* Do anything :) */
00020 #define SECURITY_BIT_NOT_SETUID 16
00021 #define SECURITY_BIT_CONDITIONAL_IO 32
00022 #define SECURITY_BIT_DESTRUCT 64
00023 
00024 typedef unsigned char pike_security_bits;
00025 
00026 struct pike_creds
00027 {
00028   struct object *user;
00029   struct object *default_creds;
00030   pike_security_bits data_bits;
00031   pike_security_bits may_always;
00032 };
00033 
00034 #define CHECK_VALID_CREDS(X) (X)
00035 #define CHECK_VALID_UID(X) (X)
00036 
00037 #define OBJ2CREDS(O) ((struct pike_creds *)(CHECK_VALID_CREDS(O)->storage))
00038 
00039 #define CURRENT_CREDS \
00040   (Pike_interpreter.frame_pointer ? Pike_interpreter.frame_pointer->current_creds : Pike_interpreter.current_creds)
00041 
00042 /* Do we need a 'may never' ? */
00043 #define CHECK_SECURITY(BIT) \
00044    (!CURRENT_CREDS || (OBJ2CREDS(CURRENT_CREDS)->may_always & (BIT)))
00045 
00046 #define CHECK_DATA_SECURITY(DATA,BIT) (\
00047    CHECK_SECURITY(BIT) || \
00048    ( (DATA)->prot && ( (OBJ2CREDS((DATA)->prot)->data_bits & (BIT)) ||  \
00049    (OBJ2CREDS((DATA)->prot)->user == OBJ2CREDS(CURRENT_CREDS)->user))) )
00050 
00051 #define CHECK_DATA_SECURITY_OR_ERROR(DATA,BIT,ERR) do { \
00052   if(!CHECK_DATA_SECURITY(DATA,BIT))             \
00053      Pike_error ERR;                                    \
00054  }while(0)
00055 
00056 #define CHECK_SECURITY_OR_ERROR(BIT,ERR) do { \
00057   if(!CHECK_SECURITY(BIT))             \
00058      Pike_error ERR;                                    \
00059  }while(0)
00060 
00061 #define ASSERT_SECURITY_ROOT(FUNC) CHECK_SECURITY_OR_ERROR( \
00062   SECURITY_BIT_SECURITY, (FUNC ": permission denied.\n"))
00063 
00064 #define SET_CURRENT_CREDS(O) do { struct object *_o=(O);                \
00065  if(Pike_interpreter.frame_pointer)                                     \
00066  {                                                                      \
00067    if(Pike_interpreter.frame_pointer->current_creds)                    \
00068      free_object(Pike_interpreter.frame_pointer->current_creds);        \
00069    Pike_interpreter.frame_pointer->current_creds = CHECK_VALID_UID(_o); \
00070  }else{                                                                 \
00071    if(Pike_interpreter.current_creds)                                   \
00072      free_object(Pike_interpreter.current_creds);                       \
00073    Pike_interpreter.current_creds = CHECK_VALID_UID(_o);                \
00074  }                                                                      \
00075  if (_o)                                                                \
00076    add_ref(_o);                                                         \
00077 }while(0)
00078 
00079 #define INITIALIZE_PROT(X) \
00080   do { if(CURRENT_CREDS) add_ref((X)->prot=CHECK_VALID_CREDS(OBJ2CREDS(CURRENT_CREDS)->default_creds?OBJ2CREDS(CURRENT_CREDS)->default_creds:CURRENT_CREDS)); else (X)->prot=0; }while(0)
00081 
00082 #define FREE_PROT(X) do { if((X)->prot) free_object((X)->prot); (X)->prot=0; }while(0)
00083 
00084 #define VALID_FILE_IO(name, access_type)                                \
00085   if(!CHECK_SECURITY(SECURITY_BIT_SECURITY))                            \
00086   {                                                                     \
00087     int e;                                                              \
00088     struct svalue *base_sp=Pike_sp-args;                                \
00089                                                                         \
00090     if(!CHECK_SECURITY(SECURITY_BIT_CONDITIONAL_IO))                    \
00091       Pike_error(name ": Permission denied.\n");                        \
00092                                                                         \
00093     push_constant_text(name);                                           \
00094     push_constant_text(access_type);                                    \
00095                                                                         \
00096     for(e=0;e<args;e++) push_svalue(base_sp+e);                         \
00097                                                                         \
00098     safe_apply(OBJ2CREDS(CURRENT_CREDS)->user,"valid_io",args+2);       \
00099                                                                         \
00100     switch(Pike_sp[-1].type)                                            \
00101     {                                                                   \
00102       case PIKE_T_ARRAY:                                                \
00103       case PIKE_T_OBJECT:                                               \
00104       case PIKE_T_MAPPING:                                              \
00105         assign_svalue(Pike_sp-args-1,Pike_sp-1);                        \
00106         pop_n_elems(args);                                              \
00107         return;                                                         \
00108                                                                         \
00109       case PIKE_T_INT:                                                  \
00110         switch(Pike_sp[-1].u.integer)                                   \
00111         {                                                               \
00112           case 0: /* return 0 */                                        \
00113             errno=EPERM;                                                \
00114             pop_n_elems(args+1);                                        \
00115             push_int(0);                                                \
00116             return;                                                     \
00117                                                                         \
00118           case 1: /* return 1 */                                        \
00119             pop_n_elems(args+1);                                        \
00120             push_int(1);                                                \
00121             return;                                                     \
00122                                                                         \
00123           case 2: /* ok */                                              \
00124             pop_stack();                                                \
00125             break;                                                      \
00126                                                                         \
00127           case 3: /* permission denied */                               \
00128             Pike_error(name ": permission denied.\n");                  \
00129                                                                         \
00130           default:                                                      \
00131             Pike_error("Error in user->valid_io, wrong return value.\n"); \
00132         }                                                               \
00133         break;                                                          \
00134                                                                         \
00135       case PIKE_T_STRING:                                               \
00136         assign_svalue(Pike_sp-args-1,Pike_sp-1);                        \
00137         pop_stack();                                                    \
00138         break;                                                          \
00139                                                                         \
00140       default:                                                          \
00141         Pike_error("Error in user->valid_io, wrong return type.\n");    \
00142         break;                                                          \
00143     }                                                                   \
00144   }
00145 
00146 
00147 /* Prototypes begin here */
00148 void init_pike_security(void);
00149 void exit_pike_security(void);
00150 /* Prototypes end here */
00151 
00152 #else
00153 
00154 #define INITIALIZE_PROT(X)
00155 #define FREE_PROT(X)
00156 #define CHECK_SECURITY_OR_ERROR(BIT,ERR)
00157 #define ASSERT_SECURITY_ROOT(FUNC)
00158 #define CHECK_DATA_SECURITY_OR_ERROR(DATA,BIT,ERR)
00159 
00160 #define init_pike_security()
00161 #define exit_pike_security()
00162 
00163 #define VALID_FILE_IO(name, type)
00164 
00165 #endif
00166 
00167 #endif
Generated on Fri Jul 22 23:44:26 2005 for Pike by  doxygen 1.3.9.1