From 1e9b185b0c274ef0d684b1e43418388225321e72 Mon Sep 17 00:00:00 2001 From: Havoc Pennington Date: Fri, 30 Jul 2004 05:59:34 +0000 Subject: 2004-07-24 Havoc Pennington SELinux support from Matthew Rickard * bus/selinux.c, bus/selinux.h: new file encapsulating selinux functionality * configure.in: add --enable-selinux * bus/policy.c (bus_policy_merge): add FIXME to a comment * bus/main.c (main): initialize and shut down selinux * bus/connection.c: store SELinux ID on each connection, to avoid repeated getting of the string context and converting it into an ID * bus/bus.c (bus_context_get_policy): new accessor, though it isn't used (bus_context_check_security_policy): check whether the security context of sender connection can send to the security context of recipient connection * bus/config-parser.c: add parsing for and * dbus/dbus-transport.c (_dbus_transport_get_unix_fd): to implement dbus_connection_get_unix_fd() * dbus/dbus-connection.c (dbus_connection_get_unix_fd): new function, used by the selinux stuff --- bus/bus.c | 49 ++++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 42 insertions(+), 7 deletions(-) (limited to 'bus/bus.c') diff --git a/bus/bus.c b/bus/bus.c index f3ef761b..61f6d7d3 100644 --- a/bus/bus.c +++ b/bus/bus.c @@ -29,6 +29,7 @@ #include "policy.h" #include "config-parser.h" #include "signals.h" +#include "selinux.h" #include #include #include @@ -403,6 +404,7 @@ process_config_every_time (BusContext *context, { DBusString full_address; DBusList *link; + DBusHashTable *service_sid_table; dbus_bool_t retval; @@ -480,6 +482,11 @@ process_config_every_time (BusContext *context, goto failed; } + service_sid_table = bus_config_parser_steal_service_sid_table (parser); + bus_registry_set_service_sid_table (context->registry, + service_sid_table); + _dbus_hash_table_unref (service_sid_table); + _DBUS_ASSERT_ERROR_IS_CLEAR (error); retval = TRUE; @@ -569,6 +576,13 @@ bus_context_new (const DBusString *config_file, goto failed; } + context->registry = bus_registry_new (context); + if (context->registry == NULL) + { + BUS_SET_OOM (error); + goto failed; + } + if (!load_config (context, FALSE, error)) { _DBUS_ASSERT_ERROR_IS_SET (error); @@ -637,13 +651,6 @@ bus_context_new (const DBusString *config_file, goto failed; } - context->registry = bus_registry_new (context); - if (context->registry == NULL) - { - BUS_SET_OOM (error); - goto failed; - } - context->matchmaker = bus_matchmaker_new (); if (context->matchmaker == NULL) { @@ -958,6 +965,12 @@ bus_context_allow_user (BusContext *context, uid); } +BusPolicy * +bus_context_get_policy (BusContext *context) +{ + return context->policy; +} + BusClientPolicy* bus_context_create_client_policy (BusContext *context, DBusConnection *connection, @@ -1088,6 +1101,28 @@ bus_context_check_security_policy (BusContext *context, if (sender != NULL) { + /* First verify the SELinux access controls. If allowed then + * go on with the standard checks. + */ + if (!bus_selinux_allows_send (sender, proposed_recipient)) + { + const char *dest = dbus_message_get_destination (message); + dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, + "An SELinux policy prevents this sender " + "from sending this message to this recipient " + "(rejected message had interface \"%s\" " + "member \"%s\" error name \"%s\" destination \"%s\")", + dbus_message_get_interface (message) ? + dbus_message_get_interface (message) : "(unset)", + dbus_message_get_member (message) ? + dbus_message_get_member (message) : "(unset)", + dbus_message_get_error_name (message) ? + dbus_message_get_error_name (message) : "(unset)", + dest ? dest : DBUS_SERVICE_ORG_FREEDESKTOP_DBUS); + _dbus_verbose ("SELinux security check denying send to service\n"); + return FALSE; + } + if (bus_connection_is_active (sender)) { sender_policy = bus_connection_get_policy (sender); -- cgit