10 #include <sys/smack.h>
14 //#define TRACE_TAG TRACE_SERVICES
15 #define LOG_TAG "SDBD_TRACE_SEVICES"
23 struct sudo_command root_commands[] = {
25 { "profile", "/usr/bin/profile_command",
37 { NULL, NULL, {NULL} }
42 const char *name; // comments for human
43 const char *suffix; //pattern
46 static struct command_suffix CMD_SUFFIX_DENY_KEYWORD[] = {
47 /* 0 */ {"pipe", "|"},
48 /* 1 */ {"redirect", ">"},
49 /* 2 */ {"semicolon", ";"}, // separated list is executed
51 /* 4 */ {"command_substitution1", "$"},
52 /* 5 */ {"command_substitution2", "`"},
53 /* end */ {NULL, NULL}
57 * return 1 if the arg is arrowed, otherwise 0 is denied
59 static int is_cmd_suffix_denied(const char* arg) {
62 for (i=0; CMD_SUFFIX_DENY_KEYWORD[i].name != NULL; i++) {
63 if (strstr(arg, CMD_SUFFIX_DENY_KEYWORD[i].suffix) != NULL) {
64 D("cmd suffix denied:%s\n", arg);
68 D("cmd suffix arrowed:%s\n", arg);
72 static int get_application_install_path(char* pkg_path) {
74 char ret_str[PATH_MAX+64] = {0,};
77 fp = popen("/usr/bin/pkgcmd -a", "r");
79 E("failed : popen pkgcmd -a\n");
82 if (!fgets(ret_str, PATH_MAX+64, fp)) {
83 E("failed : fgets pkgcmd -a\n");
89 len = strlen(ret_str);
90 while(ret_str[--len]=='\n');
91 ret_str[len + 1] = '\0';
93 if (sscanf(ret_str, "Tizen Application Installation Path: %4095s", pkg_path) != 1) {
94 E("failed : parsing fail (str:%s)\n", ret_str);
98 D("Tizen install path: %s\n", pkg_path);
102 int is_pkg_file_path(const char* path) {
105 char pkg_path[PATH_MAX] = {0,};
106 char pkg_path_regx[PATH_MAX+64] = {0,};
108 if (!get_application_install_path(pkg_path)) {
109 E("failed to get application install path\n");
113 snprintf(pkg_path_regx, sizeof(pkg_path_regx),
114 "^.*(%s/tmp/)+[a-zA-Z0-9_\\-\\.]*\\.(wgt|tpk),*[0-9]*$", pkg_path);
116 ret = regcomp(®ex, pkg_path_regx, REG_EXTENDED);
118 E("failed : recomp (error:%d)\n", ret);
122 ret = regexec(®ex, path, 0, NULL, 0);
126 E("This path is NOT package file: %s\n", path);
130 D("This path is temporary package file: %s\n", path);
135 * Returns 1 if the command is root, otherwise 0.
137 int verify_root_commands(const char *arg1) {
138 char *tokens[MAX_TOKENS];
144 D("cmd processing......: %s\n", arg1);
146 cnt = tokenize(arg1, " ", tokens, MAX_TOKENS);
147 for (i=0; i<cnt; i++) {
148 D("tokenize: %dth: %s\n", i, tokens[i]);
151 return 0; // just keep going to execute normal commands
153 index = is_root_commands(tokens[0]);
155 return 0; // just keep going to execute normal commands
159 // in case of profile_command
162 if (!is_cmd_suffix_denied(arg1) && (cnt == 2)) {
163 // check if command is used with permitted arguments
164 for (i = 0; root_commands[0].arguments[i] != NULL; i++) {
165 if (!strncmp(tokens[1], root_commands[0].arguments[i], strlen(tokens[1])+1)){
166 D("found permitted arguments :%s\n", tokens[1]);
173 D("not found permitted arguments :%s\n", tokens[1]);
183 D("doing the cmd as a %s\n", ret == 1 ? "root" : SDK_USER_NAME);
186 free_strings(tokens, cnt);
192 int regcmp(const char* pattern, const char* str) {
196 ret = regcomp(®ex, pattern, REG_EXTENDED);
197 if(ret){ // not match
201 // execute regular expression
202 ret = regexec(®ex, str, 0, NULL, 0);
206 } else if( ret == REG_NOMATCH ){
207 //D("not valid application path\n");
209 //regerror(ret, ®ex, buf, sizeof(buf));
210 //D("regex match failed: %s\n", buf);
216 int is_root_commands(const char *command) {
218 for(i = 0; root_commands[i].path != NULL; i++) {
219 if(!strncmp(root_commands[i].path, command, strlen(root_commands[i].path)+1)) {
projects / sdk / target / sdbd.git / blob