From a5ac82e07f13ef170c6449ee7b2528605272f188 Mon Sep 17 00:00:00 2001 From: Pawel Polawski Date: Mon, 4 Feb 2013 17:50:45 +0100 Subject: [PATCH] Fixing bug with searching cookie and privileges in security-server. [Issue#] SSDWSSP-71 [Cause] Fix bug with access to security-server API by some root processes. [Problem] Access to security server API returns error for alarm service. [Solution] Removed special treating root processes when searching cookies for caller. [Verification] Security-serwer should return no error while calling security_server_check_privilege() with correct parameters. Setting clock alarm should return no errors in DLOGUTIL. Change-Id: I86a950afedd326c021ab00d7ba6a868034d647f9 --- src/security-srv/include/security-server-common.h | 3 ++- src/security-srv/server/security-server-cookie.c | 29 ++++++++++++----------- src/security-srv/server/security-server-main.c | 7 ++++++ 3 files changed, 24 insertions(+), 15 deletions(-) diff --git a/src/security-srv/include/security-server-common.h b/src/security-srv/include/security-server-common.h index 355892d..03893d2 100644 --- a/src/security-srv/include/security-server-common.h +++ b/src/security-srv/include/security-server-common.h @@ -95,7 +95,8 @@ typedef struct _cookie_list pid_t pid; /* Client process's PID */ char *path; /* Client process's cmd line string */ int *permissions; /* Array of GID that the client process has */ - char *smack_label; /* SMACK label of the client process */ + char *smack_label; /* SMACK label of the client process */ + char is_roots_process; /* Is cookie belongs to roots process */ struct _cookie_list *prev; /* Next cookie list */ struct _cookie_list *next; /* Previous cookie list */ } cookie_list; diff --git a/src/security-srv/server/security-server-cookie.c b/src/security-srv/server/security-server-cookie.c index 518134b..b7c4b4b 100644 --- a/src/security-srv/server/security-server-cookie.c +++ b/src/security-srv/server/security-server-cookie.c @@ -233,26 +233,27 @@ cookie_list *search_cookie(const cookie_list *c_list, const unsigned char *cooki if(current == NULL) break; + //searching for cookie if(memcmp(current->cookie, cookie, SECURITY_SERVER_COOKIE_LEN) == 0) { SEC_SVR_DBG("%s", "cookie has been found"); - /* default cookie is for root process which is pid is set to 0 */ - if(current->pid == 0 || privilege == 0) - { - retval = current; - goto finish; - } - else + //check if this cookie belongs to root process + if(current->is_roots_process == 1) + { + SEC_SVR_DBG("%s", "Root process cookie, special privileges"); + //we can skip privilege checking + retval = current; + goto finish; + } + + for(i=0 ; i < current->permission_len ; i++) { - for(i=0 ; i < current->permission_len ; i++) + if(privilege == current->permissions[i]) { - if(privilege == current->permissions[i]) - { - SEC_SVR_DBG("Found privilege %d", privilege); - retval = current; - goto finish; - } + SEC_SVR_DBG("Found privilege %d", privilege); + retval = current; + goto finish; } } } diff --git a/src/security-srv/server/security-server-main.c b/src/security-srv/server/security-server-main.c index 7838050..3fa401c 100644 --- a/src/security-srv/server/security-server-main.c +++ b/src/security-srv/server/security-server-main.c @@ -363,6 +363,13 @@ int process_cookie_request(int sockfd) SEC_SVR_DBG("%s","Cannot create a cookie"); goto error; } + + //let others know if this cookie belongs to root process + if(client_uid == 0) + created_cookie->is_roots_process = 1; + else + created_cookie->is_roots_process = 0; + //} /* send cookie as response */ retval = send_cookie(sockfd, created_cookie->cookie); -- 2.7.4