From a5ac82e07f13ef170c6449ee7b2528605272f188 Mon Sep 17 00:00:00 2001
From: Pawel Polawski
Date: Mon, 4 Feb 2013 17:50:45 +0100
Subject: [PATCH] Fixing bug with searching cookie and privileges in
security-server.
[Issue#] SSDWSSP-71
[Cause] Fix bug with access to security-server API
by some root processes.
[Problem] Access to security server API returns error
for alarm service.
[Solution] Removed special treating root processes when searching
cookies for caller.
[Verification] Security-serwer should return no error while
calling security_server_check_privilege()
with correct parameters. Setting clock alarm should
return no errors in DLOGUTIL.
Change-Id: I86a950afedd326c021ab00d7ba6a868034d647f9
---
src/security-srv/include/security-server-common.h | 3 ++-
src/security-srv/server/security-server-cookie.c | 29 ++++++++++++-----------
src/security-srv/server/security-server-main.c | 7 ++++++
3 files changed, 24 insertions(+), 15 deletions(-)
diff --git a/src/security-srv/include/security-server-common.h b/src/security-srv/include/security-server-common.h
index 355892d..03893d2 100644
--- a/src/security-srv/include/security-server-common.h
+++ b/src/security-srv/include/security-server-common.h
@@ -95,7 +95,8 @@ typedef struct _cookie_list
pid_t pid; /* Client process's PID */
char *path; /* Client process's cmd line string */
int *permissions; /* Array of GID that the client process has */
- char *smack_label; /* SMACK label of the client process */
+ char *smack_label; /* SMACK label of the client process */
+ char is_roots_process; /* Is cookie belongs to roots process */
struct _cookie_list *prev; /* Next cookie list */
struct _cookie_list *next; /* Previous cookie list */
} cookie_list;
diff --git a/src/security-srv/server/security-server-cookie.c b/src/security-srv/server/security-server-cookie.c
index 518134b..b7c4b4b 100644
--- a/src/security-srv/server/security-server-cookie.c
+++ b/src/security-srv/server/security-server-cookie.c
@@ -233,26 +233,27 @@ cookie_list *search_cookie(const cookie_list *c_list, const unsigned char *cooki
if(current == NULL)
break;
+ //searching for cookie
if(memcmp(current->cookie, cookie, SECURITY_SERVER_COOKIE_LEN) == 0)
{
SEC_SVR_DBG("%s", "cookie has been found");
- /* default cookie is for root process which is pid is set to 0 */
- if(current->pid == 0 || privilege == 0)
- {
- retval = current;
- goto finish;
- }
- else
+ //check if this cookie belongs to root process
+ if(current->is_roots_process == 1)
+ {
+ SEC_SVR_DBG("%s", "Root process cookie, special privileges");
+ //we can skip privilege checking
+ retval = current;
+ goto finish;
+ }
+
+ for(i=0 ; i < current->permission_len ; i++)
{
- for(i=0 ; i < current->permission_len ; i++)
+ if(privilege == current->permissions[i])
{
- if(privilege == current->permissions[i])
- {
- SEC_SVR_DBG("Found privilege %d", privilege);
- retval = current;
- goto finish;
- }
+ SEC_SVR_DBG("Found privilege %d", privilege);
+ retval = current;
+ goto finish;
}
}
}
diff --git a/src/security-srv/server/security-server-main.c b/src/security-srv/server/security-server-main.c
index 7838050..3fa401c 100644
--- a/src/security-srv/server/security-server-main.c
+++ b/src/security-srv/server/security-server-main.c
@@ -363,6 +363,13 @@ int process_cookie_request(int sockfd)
SEC_SVR_DBG("%s","Cannot create a cookie");
goto error;
}
+
+ //let others know if this cookie belongs to root process
+ if(client_uid == 0)
+ created_cookie->is_roots_process = 1;
+ else
+ created_cookie->is_roots_process = 0;
+
//}
/* send cookie as response */
retval = send_cookie(sockfd, created_cookie->cookie);
--
2.7.4