diff options
| author | Eric Andersen | 2003-07-03 10:07:04 +0000 |
|---|---|---|
| committer | Eric Andersen | 2003-07-03 10:07:04 +0000 |
| commit | 9e48045e45df7e3e205575a4eb3dc39d634b05aa (patch) | |
| tree | e8f993dffc34380fbcc54cc858c81da594bdb95b /libbb | |
| parent | c48d49ad988a4163cff7f38ee4bd1f9886d0ed11 (diff) | |
| download | busybox-9e48045e45df7e3e205575a4eb3dc39d634b05aa.zip busybox-9e48045e45df7e3e205575a4eb3dc39d634b05aa.tar.gz | |
Patch from Russell Coker:
I've attached my latest SE Linux patch for busybox against the latest CVS
version of busybox.
Diffstat (limited to 'libbb')
| -rw-r--r-- | libbb/find_pid_by_name.c | 4 | ||||
| -rw-r--r-- | libbb/procps.c | 14 | ||||
| -rw-r--r-- | libbb/run_shell.c | 15 |
3 files changed, 30 insertions, 3 deletions
diff --git a/libbb/find_pid_by_name.c b/libbb/find_pid_by_name.c index b6602b9..b8490b7 100644 --- a/libbb/find_pid_by_name.c +++ b/libbb/find_pid_by_name.c @@ -41,7 +41,11 @@ extern long* find_pid_by_name( const char* pidName) procps_status_t * p; pidList = xmalloc(sizeof(long)); +#ifdef CONFIG_SELINUX + while ((p = procps_scan(0, 0, NULL)) != 0) { +#else while ((p = procps_scan(0)) != 0) { +#endif if (strcmp(p->short_cmd, pidName) == 0) { pidList=xrealloc( pidList, sizeof(long) * (i+2)); pidList[i++]=p->pid; diff --git a/libbb/procps.c b/libbb/procps.c index 7df0718..44103fa 100644 --- a/libbb/procps.c +++ b/libbb/procps.c @@ -16,7 +16,11 @@ #include "libbb.h" -extern procps_status_t * procps_scan(int save_user_arg0) +extern procps_status_t * procps_scan(int save_user_arg0 +#ifdef CONFIG_SELINUX + , int use_selinux , security_id_t *sid +#endif + ) { static DIR *dir; struct dirent *entry; @@ -53,6 +57,14 @@ extern procps_status_t * procps_scan(int save_user_arg0) sprintf(status, "/proc/%d/stat", pid); if((fp = fopen(status, "r")) == NULL) continue; +#ifdef CONFIG_SELINUX + if(use_selinux) + { + if(fstat_secure(fileno(fp), &sb, sid)) + continue; + } + else +#endif if(fstat(fileno(fp), &sb)) continue; my_getpwuid(curstatus.user, sb.st_uid); diff --git a/libbb/run_shell.c b/libbb/run_shell.c index 49e8a76..4855d76 100644 --- a/libbb/run_shell.c +++ b/libbb/run_shell.c @@ -36,14 +36,20 @@ #include <syslog.h> #include <ctype.h> #include "libbb.h" - +#ifdef CONFIG_SELINUX +#include <proc_secure.h> +#endif /* Run SHELL, or DEFAULT_SHELL if SHELL is empty. If COMMAND is nonzero, pass it to the shell with the -c option. If ADDITIONAL_ARGS is nonzero, pass it to the shell as more arguments. */ -void run_shell ( const char *shell, int loginshell, const char *command, const char **additional_args ) +void run_shell ( const char *shell, int loginshell, const char *command, const char **additional_args +#ifdef CONFIG_SELINUX + , security_id_t sid +#endif +) { const char **args; int argno = 1; @@ -71,6 +77,11 @@ void run_shell ( const char *shell, int loginshell, const char *command, const c args [argno++] = *additional_args; } args [argno] = 0; +#ifdef CONFIG_SELINUX + if(sid) + execve_secure(shell, (char **) args, environ, sid); + else +#endif execv ( shell, (char **) args ); bb_perror_msg_and_die ( "cannot run %s", shell ); } |