オープンソース・ソフトウェアの開発とダウンロード

TOMOYO

Subversion リポジトリの参照

/[tomoyo]/trunk/1.8.x/ccs-tools/ccstools/kernel_test/ccs_new_file_test.c

Contents of /trunk/1.8.x/ccs-tools/ccstools/kernel_test/ccs_new_file_test.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 3808 - (show annotations) (download) (as text)
Fri Jul 9 04:40:54 2010 UTC (13 years, 10 months ago) by kumaneko
Original Path: branches/ccs-tools/ccstools/kernel_test/ccs_new_file_test.c
File MIME type: text/x-csrc
File size: 18043 byte(s) 
Remove allow_ prefix from directives.
1 /*
2 * ccs_new_file_test.c
3 *
4 * Copyright (C) 2005-2009 NTT DATA CORPORATION
5 *
6 * Version: 1.7.1 2009/11/11
7 *
8 */
9 #include "include.h"
10
11 static const char *policy = "";
12
13 #if 0
14 static int write_policy(void)
15 {
16 FILE *fp;
17 char buffer[8192];
18 int domain_found = 0;
19 int policy_found = 0;
20 memset(buffer, 0, sizeof(buffer));
21 set_profile(0, "file::open");
22 fp = fopen(proc_policy_domain_policy, "r");
23 set_profile(3, "file::open");
24 fprintf(domain_fp, "%s\n", policy);
25 if (!fp) {
26 printf("%s : BUG: policy read failed\n", policy);
27 return 0;
28 }
29 while (fgets(buffer, sizeof(buffer) - 1, fp)) {
30 char *cp = strchr(buffer, '\n');
31 if (cp)
32 *cp = '\0';
33 if (!strncmp(buffer, "<kernel>", 8))
34 domain_found = !strcmp(self_domain, buffer);
35 if (!domain_found)
36 continue;
37 /* printf("<%s>\n", buffer); */
38 if (!strcmp(buffer, policy)) {
39 policy_found = 1;
40 break;
41 }
42 }
43 fclose(fp);
44 if (!policy_found) {
45 printf("%s : BUG: policy write failed\n", policy);
46 return 0;
47 }
48 errno = 0;
49 return 1;
50 }
51 #endif
52
53 static void show_result(int result, char should_success)
54 {
55 int err = errno;
56 printf("%s : ", policy);
57 if (should_success) {
58 if (result != EOF)
59 printf("OK\n");
60 else
61 printf("FAILED: %s\n", strerror(err));
62 } else {
63 if (result == EOF) {
64 if (err == EPERM)
65 printf("OK: Permission denied.\n");
66 else
67 printf("FAILED: %s\n", strerror(err));
68 } else {
69 printf("BUG: didn't fail.\n");
70 }
71 }
72 }
73
74 static void create2(const char *pathname)
75 {
76 set_profile(0, "file::create");
77 set_profile(0, "file::open");
78 close(creat(pathname, 0600));
79 set_profile(3, "file::create");
80 set_profile(3, "file::open");
81 errno = 0;
82 }
83
84 static void mkdir2(const char *pathname)
85 {
86 set_profile(0, "file::mkdir");
87 mkdir(pathname, 0600);
88 set_profile(3, "file::mkdir");
89 errno = 0;
90 }
91
92 static void unlink2(const char *pathname)
93 {
94 set_profile(0, "file::unlink");
95 unlink(pathname);
96 set_profile(3, "file::unlink");
97 errno = 0;
98 }
99
100 static void rmdir2(const char *pathname)
101 {
102 set_profile(0, "file::rmdir");
103 rmdir(pathname);
104 set_profile(3, "file::rmdir");
105 errno = 0;
106 }
107
108 static void mkfifo2(const char *pathname)
109 {
110 set_profile(0, "file::mkfifo");
111 mkfifo(pathname, 0600);
112 set_profile(3, "file::mkfifo");
113 errno = 0;
114 }
115
116 static void stage_file_test(void)
117 {
118 static int name[] = { CTL_NET, NET_IPV4, NET_IPV4_LOCAL_PORT_RANGE };
119 int buffer[2] = { 32768, 61000 };
120 size_t size = sizeof(buffer);
121 int pipe_fd[2] = { EOF, EOF };
122 int err = 0;
123 int fd;
124 char pbuffer[1024];
125 struct stat sbuf;
126 struct sockaddr_un addr;
127 struct ifreq ifreq;
128 char *filename = "";
129 set_profile(3, "file::execute");
130 set_profile(3, "file::open");
131 set_profile(3, "file::create");
132 set_profile(3, "file::unlink");
133 set_profile(3, "file::mkdir");
134 set_profile(3, "file::rmdir");
135 set_profile(3, "file::mkfifo");
136 set_profile(3, "file::mksock");
137 set_profile(3, "file::truncate");
138 set_profile(3, "file::symlink");
139 set_profile(3, "file::mkblock");
140 set_profile(3, "file::mkchar");
141 set_profile(3, "file::link");
142 set_profile(3, "file::rename");
143 set_profile(3, "file::chmod");
144 set_profile(3, "file::chown");
145 set_profile(3, "file::chgrp");
146 set_profile(3, "file::ioctl");
147 set_profile(3, "file::chroot");
148 set_profile(3, "file::mount");
149 set_profile(3, "file::umount");
150 set_profile(3, "file::pivot_root");
151
152 policy = "file read /proc/sys/net/ipv4/ip_local_port_range "
153 "if task.uid=0 task.gid=0";
154 write_domain_policy(policy, 0);
155 show_result(sysctl(name, 3, buffer, &size, 0, 0), 1);
156 write_domain_policy(policy, 1);
157 show_result(sysctl(name, 3, buffer, &size, 0, 0), 0);
158
159 policy = "file write /proc/sys/net/ipv4/ip_local_port_range "
160 "if task.euid=0 0=0 1-100=10-1000";
161 write_domain_policy(policy, 0);
162 show_result(sysctl(name, 3, 0, 0, buffer, size), 1);
163 write_domain_policy(policy, 1);
164 show_result(sysctl(name, 3, 0, 0, buffer, size), 0);
165
166 policy = "file read /proc/sys/net/ipv4/ip_local_port_range "
167 "if 1!=10-100";
168 write_domain_policy(policy, 0);
169 policy = "file write /proc/sys/net/ipv4/ip_local_port_range "
170 "if 1!=10-100";
171 write_domain_policy(policy, 0);
172 show_result(sysctl(name, 3, buffer, &size, buffer, size), 1);
173 policy = "file read /proc/sys/net/ipv4/ip_local_port_range "
174 "if 1!=10-100";
175 write_domain_policy(policy, 1);
176 policy = "file write /proc/sys/net/ipv4/ip_local_port_range "
177 "if 1!=10-100";
178 write_domain_policy(policy, 1);
179 show_result(sysctl(name, 3, buffer, &size, buffer, size), 0);
180
181 policy = "file read /bin/true "
182 "if path1.uid=0 path1.parent.uid=0 10=10-100";
183 write_domain_policy(policy, 0);
184 show_result(uselib("/bin/true"), 1);
185 write_domain_policy(policy, 1);
186 show_result(uselib("/bin/true"), 0);
187
188 policy = "file execute /bin/true if task.uid!=10 path1.parent.uid=0";
189 write_domain_policy(policy, 0);
190 fflush(stdout);
191 fflush(stderr);
192 pipe(pipe_fd);
193 if (fork() == 0) {
194 execl("/bin/true", "/bin/true", NULL);
195 err = errno;
196 write(pipe_fd[1], &err, sizeof(err));
197 _exit(0);
198 }
199 close(pipe_fd[1]);
200 read(pipe_fd[0], &err, sizeof(err));
201 close(pipe_fd[0]);
202 wait(NULL);
203 errno = err;
204 show_result(err ? EOF : 0, 1);
205 write_domain_policy(policy, 1);
206 fflush(stdout);
207 fflush(stderr);
208 pipe(pipe_fd);
209 if (fork() == 0) {
210 execl("/bin/true", "/bin/true", NULL);
211 err = errno;
212 write(pipe_fd[1], &err, sizeof(err));
213 _exit(0);
214 }
215 close(pipe_fd[1]);
216 read(pipe_fd[0], &err, sizeof(err));
217 close(pipe_fd[0]);
218 wait(NULL);
219 errno = err;
220 show_result(err ? EOF : 0, 0);
221
222 policy = "file read /dev/null if path1.type=char path1.dev_major=1 "
223 "path1.dev_minor=3";
224 write_domain_policy(policy, 0);
225 fd = open("/dev/null", O_RDONLY);
226 show_result(fd, 1);
227 if (fd != EOF)
228 close(fd);
229 write_domain_policy(policy, 1);
230 fd = open("/dev/null", O_RDONLY);
231 show_result(fd, 0);
232 if (fd != EOF)
233 close(fd);
234
235 policy = "file read /dev/null if path1.perm=0666";
236 write_domain_policy(policy, 0);
237 fd = open("/dev/null", O_RDONLY);
238 show_result(fd, 1);
239 if (fd != EOF)
240 close(fd);
241 write_domain_policy(policy, 1);
242 fd = open("/dev/null", O_RDONLY);
243 show_result(fd, 0);
244 if (fd != EOF)
245 close(fd);
246
247 policy = "file read /dev/null if path1.perm!=0777";
248 write_domain_policy(policy, 0);
249 fd = open("/dev/null", O_RDONLY);
250 show_result(fd, 1);
251 if (fd != EOF)
252 close(fd);
253 write_domain_policy(policy, 1);
254 fd = open("/dev/null", O_RDONLY);
255 show_result(fd, 0);
256 if (fd != EOF)
257 close(fd);
258
259 policy = "file read /dev/null if path1.perm=owner_read "
260 "path1.perm=owner_write path1.perm!=owner_execute "
261 "path1.perm=group_read path1.perm=group_write "
262 "path1.perm!=group_execute path1.perm=others_read "
263 "path1.perm=others_write path1.perm!=others_execute "
264 "path1.perm!=setuid path1.perm!=setgid path1.perm!=sticky";
265 write_domain_policy(policy, 0);
266 fd = open("/dev/null", O_RDONLY);
267 show_result(fd, 1);
268 if (fd != EOF)
269 close(fd);
270 write_domain_policy(policy, 1);
271 fd = open("/dev/null", O_RDONLY);
272 show_result(fd, 0);
273 if (fd != EOF)
274 close(fd);
275
276 set_profile(3, "file::mkfifo");
277 policy = "file mkfifo /tmp/mknod_fifo_test 0644 "
278 "if path1.parent.perm=01777 path1.parent.perm=sticky "
279 "path1.parent.uid=0 path1.parent.gid=0";
280 write_domain_policy(policy, 0);
281 filename = "/tmp/mknod_fifo_test";
282 show_result(mknod(filename, S_IFIFO | 0644, 0), 1);
283 write_domain_policy(policy, 1);
284 unlink2(filename);
285 show_result(mknod(filename, S_IFIFO | 0644, 0), 0);
286
287 memset(pbuffer, 0, sizeof(pbuffer));
288 memset(&sbuf, 0, sizeof(sbuf));
289 filename = "/dev/null";
290 stat(filename, &sbuf);
291 snprintf(pbuffer, sizeof(pbuffer) - 1,
292 "file write %s if path1.major=%u path1.minor=%u",
293 filename, (unsigned int) MAJOR(sbuf.st_dev),
294 (unsigned int) MINOR(sbuf.st_dev));
295 policy = pbuffer;
296 write_domain_policy(policy, 0);
297 fd = open(filename, O_WRONLY);
298 show_result(fd, 1);
299 if (fd != EOF)
300 close(fd);
301 write_domain_policy(policy, 1);
302 fd = open(filename, O_WRONLY);
303 show_result(fd, 0);
304 if (fd != EOF)
305 close(fd);
306
307 policy = "file read/write /tmp/fifo if path1.type=fifo";
308 mkfifo2("/tmp/fifo");
309 write_domain_policy(policy, 0);
310 fd = open("/tmp/fifo", O_RDWR);
311 show_result(fd, 1);
312 if (fd != EOF)
313 close(fd);
314 write_domain_policy(policy, 1);
315 fd = open("/tmp/fifo", O_RDWR);
316 show_result(fd, 0);
317 if (fd != EOF)
318 close(fd);
319
320 policy = "file read /dev/null if path1.parent.ino=path1.parent.ino";
321 write_domain_policy(policy, 0);
322 fd = open("/dev/null", O_RDONLY);
323 show_result(fd, 1);
324 if (fd != EOF)
325 close(fd);
326 write_domain_policy(policy, 1);
327 fd = open("/dev/null", O_RDONLY);
328 show_result(fd, 0);
329 if (fd != EOF)
330 close(fd);
331
332 policy = "file write /dev/null if path1.uid=path1.gid";
333 write_domain_policy(policy, 0);
334 fd = open("/dev/null", O_WRONLY);
335 show_result(fd, 1);
336 if (fd != EOF)
337 close(fd);
338 write_domain_policy(policy, 1);
339 fd = open("/dev/null", O_WRONLY);
340 show_result(fd, 0);
341 if (fd != EOF)
342 close(fd);
343
344 policy = "file read/write /dev/null if task.uid=path1.parent.uid";
345 write_domain_policy(policy, 0);
346 fd = open("/dev/null", O_RDWR);
347 show_result(fd, 1);
348 if (fd != EOF)
349 close(fd);
350 write_domain_policy(policy, 1);
351 fd = open("/dev/null", O_RDWR);
352 show_result(fd, 0);
353 if (fd != EOF)
354 close(fd);
355
356 policy = "file create /tmp/open_test 0644 "
357 "if path1.parent.uid=task.uid";
358 write_domain_policy(policy, 0);
359 policy = "file write /tmp/open_test if path1.parent.uid=0";
360 write_domain_policy(policy, 0);
361 fd = open("/tmp/open_test", O_WRONLY | O_CREAT | O_EXCL, 0644);
362 show_result(fd, 1);
363 if (fd != EOF)
364 close(fd);
365 unlink2("/tmp/open_test");
366 write_domain_policy(policy, 1);
367 fd = open("/tmp/open_test", O_WRONLY | O_CREAT | O_EXCL, 0644);
368 show_result(fd, 0);
369 if (fd != EOF)
370 close(fd);
371 unlink2("/tmp/open_test");
372
373 policy = "file create /tmp/open_test 0644 "
374 "if path1.parent.uid=task.uid";
375 write_domain_policy(policy, 1);
376
377 policy = "file write /tmp/open_test if task.uid=0 path1.ino!=0";
378 write_domain_policy(policy, 0);
379 policy = "file create /tmp/open_test 0644 if 0=0";
380 write_domain_policy(policy, 0);
381 fd = open("/tmp/open_test", O_WRONLY | O_CREAT | O_EXCL, 0644);
382 show_result(fd, 1);
383 if (fd != EOF)
384 close(fd);
385 unlink2("/tmp/open_test");
386 write_domain_policy(policy, 1);
387 fd = open("/tmp/open_test", O_WRONLY | O_CREAT | O_EXCL, 0644);
388 show_result(fd, 0);
389 if (fd != EOF)
390 close(fd);
391 unlink2("/tmp/open_test");
392 policy = "file write /tmp/open_test if task.uid=0 path1.ino!=0";
393 write_domain_policy(policy, 1);
394
395 filename = "/tmp/truncate_test";
396 create2(filename);
397
398 policy = "file truncate /tmp/truncate_test if task.uid=path1.uid";
399 write_domain_policy(policy, 0);
400 policy = "file write /tmp/truncate_test if 1!=100-1000000";
401 write_domain_policy(policy, 0);
402 fd = open(filename, O_WRONLY | O_TRUNC);
403 show_result(fd, 1);
404 if (fd != EOF)
405 close(fd);
406 write_domain_policy(policy, 1);
407 fd = open(filename, O_WRONLY | O_TRUNC);
408 show_result(fd, 0);
409 if (fd != EOF)
410 close(fd);
411 policy = "file truncate /tmp/truncate_test "
412 "if task.uid=path1.uid";
413 write_domain_policy(policy, 1);
414
415 policy = "file write /tmp/truncate_test";
416 write_domain_policy(policy, 0);
417 policy = "file truncate /tmp/truncate_test";
418 write_domain_policy(policy, 0);
419 fd = open(filename, O_WRONLY | O_TRUNC);
420 show_result(fd, 1);
421 if (fd != EOF)
422 close(fd);
423 write_domain_policy(policy, 1);
424 fd = open(filename, O_WRONLY | O_TRUNC);
425 show_result(fd, 0);
426 if (fd != EOF)
427 close(fd);
428 policy = "file write /tmp/truncate_test";
429 write_domain_policy(policy, 1);
430
431 policy = "file truncate /tmp/truncate_test";
432 write_domain_policy(policy, 0);
433 show_result(truncate(filename, 0), 1);
434 write_domain_policy(policy, 1);
435 show_result(truncate(filename, 0), 0);
436
437 policy = "file truncate /tmp/truncate_test";
438 write_domain_policy(policy, 0);
439 set_profile(0, "file::open");
440 fd = open(filename, O_WRONLY);
441 set_profile(3, "file::open");
442 show_result(ftruncate(fd, 0), 1);
443 write_domain_policy(policy, 1);
444 show_result(ftruncate(fd, 0), 0);
445 if (fd != EOF)
446 close(fd);
447
448 unlink2(filename);
449
450 policy = "file create /tmp/mknod_reg_test 0644";
451 write_domain_policy(policy, 0);
452 filename = "/tmp/mknod_reg_test";
453 show_result(mknod(filename, S_IFREG | 0644, 0), 1);
454 write_domain_policy(policy, 1);
455 unlink2(filename);
456 show_result(mknod(filename, S_IFREG | 0644, 0), 0);
457
458 policy = "file mkchar /tmp/mknod_chr_test 0644 1 3";
459 write_domain_policy(policy, 0);
460 filename = "/tmp/mknod_chr_test";
461 show_result(mknod(filename, S_IFCHR | 0644, MKDEV(1, 3)), 1);
462 write_domain_policy(policy, 1);
463 unlink2(filename);
464 show_result(mknod(filename, S_IFCHR | 0644, MKDEV(1, 3)), 0);
465
466 policy = "file mkblock /tmp/mknod_blk_test 0644 1 0";
467 write_domain_policy(policy, 0);
468 filename = "/tmp/mknod_blk_test";
469 show_result(mknod(filename, S_IFBLK | 0644, MKDEV(1, 0)), 1);
470 write_domain_policy(policy, 1);
471 unlink2(filename);
472 show_result(mknod(filename, S_IFBLK | 0644, MKDEV(1, 0)), 0);
473
474 policy = "file mkfifo /tmp/mknod_fifo_test 0644";
475 write_domain_policy(policy, 0);
476 filename = "/tmp/mknod_fifo_test";
477 show_result(mknod(filename, S_IFIFO | 0644, 0), 1);
478 write_domain_policy(policy, 1);
479 unlink2(filename);
480 show_result(mknod(filename, S_IFIFO | 0644, 0), 0);
481
482 policy = "file mksock /tmp/mknod_sock_test 0644";
483 write_domain_policy(policy, 0);
484 filename = "/tmp/mknod_sock_test";
485 show_result(mknod(filename, S_IFSOCK | 0644, 0), 1);
486 write_domain_policy(policy, 1);
487 unlink2(filename);
488 show_result(mknod(filename, S_IFSOCK | 0644, 0), 0);
489
490 policy = "file mkdir /tmp/mkdir_test/ 0600";
491 write_domain_policy(policy, 0);
492 filename = "/tmp/mkdir_test";
493 show_result(mkdir(filename, 0600), 1);
494 write_domain_policy(policy, 1);
495 rmdir2(filename);
496 show_result(mkdir(filename, 0600), 0);
497
498 policy = "file rmdir /tmp/rmdir_test/";
499 write_domain_policy(policy, 0);
500 filename = "/tmp/rmdir_test";
501 mkdir2(filename);
502 show_result(rmdir(filename), 1);
503 write_domain_policy(policy, 1);
504 mkdir2(filename);
505 show_result(rmdir(filename), 0);
506 rmdir2(filename);
507
508 policy = "file unlink /tmp/unlink_test";
509 write_domain_policy(policy, 0);
510 filename = "/tmp/unlink_test";
511 create2(filename);
512 show_result(unlink(filename), 1);
513 write_domain_policy(policy, 1);
514 create2(filename);
515 show_result(unlink(filename), 0);
516 unlink2(filename);
517
518 policy = "file symlink /tmp/symlink_source_test";
519 write_domain_policy(policy, 0);
520 filename = "/tmp/symlink_source_test";
521 show_result(symlink("/tmp/symlink_dest_test", filename), 1);
522 write_domain_policy(policy, 1);
523 unlink2(filename);
524 show_result(symlink("/tmp/symlink_dest_test", filename), 0);
525
526 policy = "file symlink /tmp/symlink_source_test "
527 "if symlink.target=\"/tmp/symlink_\\*_test\"";
528 write_domain_policy(policy, 0);
529 filename = "/tmp/symlink_source_test";
530 show_result(symlink("/tmp/symlink_dest_test", filename), 1);
531 write_domain_policy(policy, 1);
532 unlink2(filename);
533 show_result(symlink("/tmp/symlink_dest_test", filename), 0);
534
535 policy = "file symlink /tmp/symlink_source_test "
536 "if task.uid=0 symlink.target=\"/tmp/symlink_\\*_test\"";
537 write_domain_policy(policy, 0);
538 filename = "/tmp/symlink_source_test";
539 show_result(symlink("/tmp/symlink_dest_test", filename), 1);
540 write_domain_policy(policy, 1);
541 unlink2(filename);
542 show_result(symlink("/tmp/symlink_dest_test", filename), 0);
543
544 policy = "file symlink /tmp/symlink_source_test "
545 "if symlink.target!=\"\\*\"";
546 write_domain_policy(policy, 0);
547 filename = "/tmp/symlink_source_test";
548 show_result(symlink("/tmp/symlink_dest_test", filename), 1);
549 write_domain_policy(policy, 1);
550 unlink2(filename);
551 show_result(symlink("/tmp/symlink_dest_test", filename), 0);
552
553 policy = "file symlink /tmp/symlink_source_test "
554 "if symlink.target!=\"/tmp/symlink_\\*_test\"";
555 write_domain_policy(policy, 0);
556 filename = "/tmp/symlink_source_test";
557 show_result(symlink("/tmp/symlink_dest_test", filename), 0);
558 write_domain_policy(policy, 1);
559 unlink2(filename);
560 show_result(symlink("/tmp/symlink_dest_test", filename), 0);
561
562 policy = "file link /tmp/link_source_test /tmp/link_dest_test";
563 write_domain_policy(policy, 0);
564 filename = "/tmp/link_source_test";
565 create2(filename);
566 show_result(link(filename, "/tmp/link_dest_test"), 1);
567 write_domain_policy(policy, 1);
568 unlink2("/tmp/link_dest_test");
569 show_result(link(filename, "/tmp/link_dest_test"), 0);
570 unlink2(filename);
571
572 policy = "file rename /tmp/rename_source_test /tmp/rename_dest_test";
573 write_domain_policy(policy, 0);
574 filename = "/tmp/rename_source_test";
575 create2(filename);
576 show_result(rename(filename, "/tmp/rename_dest_test"), 1);
577 write_domain_policy(policy, 1);
578 unlink2("/tmp/rename_dest_test");
579 create2(filename);
580 show_result(rename(filename, "/tmp/rename_dest_test"), 0);
581 unlink2(filename);
582
583 policy = "file mksock /tmp/socket_test 0755";
584 write_domain_policy(policy, 0);
585 filename = "/tmp/socket_test";
586 memset(&addr, 0, sizeof(addr));
587 addr.sun_family = AF_UNIX;
588 strncpy(addr.sun_path, filename, sizeof(addr.sun_path) - 1);
589 fd = socket(AF_UNIX, SOCK_STREAM, 0);
590 show_result(bind(fd, (struct sockaddr *) &addr, sizeof(addr)),
591 1);
592 if (fd != EOF)
593 close(fd);
594 write_domain_policy(policy, 1);
595 unlink2(filename);
596 fd = socket(AF_UNIX, SOCK_STREAM, 0);
597 show_result(bind(fd, (struct sockaddr *) &addr, sizeof(addr)),
598 0);
599 if (fd != EOF)
600 close(fd);
601 unlink2(filename);
602
603 policy = "file ioctl socket:[family=2:type=2:protocol=17] "
604 "35122-35124 if task.uid=0";
605 write_domain_policy(policy, 0);
606 fd = socket(PF_INET, SOCK_DGRAM, IPPROTO_IP);
607 memset(&ifreq, 0, sizeof(ifreq));
608 snprintf(ifreq.ifr_name, sizeof(ifreq.ifr_name) - 1,
609 "lo");
610 show_result(ioctl(fd, 35123, &ifreq), 1);
611 write_domain_policy(policy, 1);
612 policy = "file ioctl "
613 "socket:[family=2:type=2:protocol=17] 0-35122";
614 write_domain_policy(policy, 0);
615 show_result(ioctl(fd, 35123, &ifreq), 0);
616 write_domain_policy(policy, 1);
617 if (fd != EOF)
618 close(fd);
619 }
620
621 int main(int argc, char *argv[])
622 {
623 ccs_test_init();
624 fprintf(domain_fp, "%s /bin/true\n", self_domain);
625 fprintf(domain_fp, "use_profile 255\n");
626 fprintf(domain_fp, "select pid=%u\n", pid);
627 fprintf(profile_fp, "255-PREFERENCE::audit={ max_reject_log=1024 }\n");
628 stage_file_test();
629 fprintf(domain_fp, "use_profile 0\n");
630 clear_status();
631 return 0;
632 }
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
サイト情報
ソフトウェアを探す
ソフトウェアを作る
コミュニティ
ヘルプ