| 5 |
* |
* |
| 6 |
* Copyright (C) 2005-2008 NTT DATA CORPORATION |
* Copyright (C) 2005-2008 NTT DATA CORPORATION |
| 7 |
* |
* |
| 8 |
* Version: 1.6.5 2008/11/11 |
* Version: 1.6.6-pre 2008/12/22 |
| 9 |
* |
* |
| 10 |
*/ |
*/ |
| 11 |
#include "include.h" |
#include "include.h" |
| 127 |
|
|
| 128 |
static void stage_file_test(void) |
static void stage_file_test(void) |
| 129 |
{ |
{ |
| 130 |
|
#if 0 |
| 131 |
char *filename = ""; |
char *filename = ""; |
| 132 |
policy = "allow_read /proc/sys/net/ipv4/ip_local_port_range " |
policy = "allow_read /proc/sys/net/ipv4/ip_local_port_range " |
| 133 |
"if task.uid=0 task.gid=0"; |
"if task.uid=0 task.gid=0"; |
| 207 |
errno = err; |
errno = err; |
| 208 |
show_result(err ? EOF : 0, 0); |
show_result(err ? EOF : 0, 0); |
| 209 |
} |
} |
| 210 |
|
#endif |
| 211 |
|
|
| 212 |
|
policy = "allow_read /dev/null if path1.type=char path1.dev_major=1 path1.dev_minor=3"; |
| 213 |
|
if (write_policy()) { |
| 214 |
|
int fd = open("/dev/null", O_RDONLY); |
| 215 |
|
show_result(fd, 1); |
| 216 |
|
if (fd != EOF) |
| 217 |
|
close(fd); |
| 218 |
|
delete_policy(); |
| 219 |
|
fd = open("/dev/null", O_RDONLY); |
| 220 |
|
show_result(fd, 0); |
| 221 |
|
if (fd != EOF) |
| 222 |
|
close(fd); |
| 223 |
|
} |
| 224 |
|
|
| 225 |
|
policy = "allow_read /dev/null if path1.perm=0666"; |
| 226 |
|
if (write_policy()) { |
| 227 |
|
int fd = open("/dev/null", O_RDONLY); |
| 228 |
|
show_result(fd, 1); |
| 229 |
|
if (fd != EOF) |
| 230 |
|
close(fd); |
| 231 |
|
delete_policy(); |
| 232 |
|
fd = open("/dev/null", O_RDONLY); |
| 233 |
|
show_result(fd, 0); |
| 234 |
|
if (fd != EOF) |
| 235 |
|
close(fd); |
| 236 |
|
} |
| 237 |
|
|
| 238 |
|
policy = "allow_read /dev/null if path1.perm=owner_read path1.perm=owner_write path1.perm!=owner_execute path1.perm=group_read path1.perm=group_write path1.perm!=group_execute path1.perm=others_read path1.perm=others_write path1.perm!=others_execute path1.perm!=setuid path1.perm!=setgid path1.perm!=sticky"; |
| 239 |
|
if (write_policy()) { |
| 240 |
|
int fd = open("/dev/null", O_RDONLY); |
| 241 |
|
show_result(fd, 1); |
| 242 |
|
if (fd != EOF) |
| 243 |
|
close(fd); |
| 244 |
|
delete_policy(); |
| 245 |
|
fd = open("/dev/null", O_RDONLY); |
| 246 |
|
show_result(fd, 0); |
| 247 |
|
if (fd != EOF) |
| 248 |
|
close(fd); |
| 249 |
|
} |
| 250 |
|
|
| 251 |
|
policy = "allow_read /dev/initctl if path1.type=fifo"; |
| 252 |
|
if (write_policy()) { |
| 253 |
|
int fd = open("/dev/initctl", O_RDONLY); |
| 254 |
|
show_result(fd, 1); |
| 255 |
|
if (fd != EOF) |
| 256 |
|
close(fd); |
| 257 |
|
delete_policy(); |
| 258 |
|
fd = open("/dev/initctl", O_RDONLY); |
| 259 |
|
show_result(fd, 0); |
| 260 |
|
if (fd != EOF) |
| 261 |
|
close(fd); |
| 262 |
|
} |
| 263 |
|
#if 0 |
| 264 |
policy = "allow_read /dev/null if path1.parent.ino=path1.parent.ino"; |
policy = "allow_read /dev/null if path1.parent.ino=path1.parent.ino"; |
| 265 |
if (write_policy()) { |
if (write_policy()) { |
| 266 |
int fd = open("/dev/null", O_RDONLY); |
int fd = open("/dev/null", O_RDONLY); |
| 597 |
write(exception_fd, cp, strlen(cp)); |
write(exception_fd, cp, strlen(cp)); |
| 598 |
} |
} |
| 599 |
unlink2(filename); |
unlink2(filename); |
| 600 |
|
#endif |
| 601 |
} |
} |
| 602 |
|
|
| 603 |
int main(int argc, char *argv[]) |
int main(int argc, char *argv[]) |
TOMOYO
Parent Directory
Revision Log
Patch