/*
kHTTPd -- the next generation
Permissions/Security functions
*/
/****************************************************************
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2, or (at your option)
* any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*
****************************************************************/
#include <linux/kernel.h>
#include <linux/errno.h>
#include <linux/slab.h>
#include <linux/net.h>
#include <linux/sched.h>
#include <linux/skbuff.h>
#include <linux/smp_lock.h>
#include <linux/un.h>
#include <linux/unistd.h>
#include <net/ip.h>
#include <net/sock.h>
#include <net/tcp.h>
#include <asm/atomic.h>
#include <asm/semaphore.h>
#include <asm/processor.h>
#include <asm/uaccess.h>
#include <linux/file.h>
#include "sysctl.h"
#include "security.h"
#include "prototypes.h"
/*
The basic security function answers "Userspace" when any one of the following
conditions is met:
1) The filename contains a "?" (this is before % decoding, all others are
after % decoding)
2) The filename doesn't start with a "/"
3) The file does not exist
4) The file does not have enough permissions
(sysctl-configurable, default = worldreadble)
5) The file has any of the "forbidden" permissions
(sysctl-configurable, default = execute, directory and sticky)
6) The filename contains a string as defined in the "Dynamic" list.
*/
/* Prototypes */
static void DecodeHexChars(char *URL);
static struct DynamicString *DynamicList=NULL;
/*
The function "OpenFileForSecurity" returns either the "struct file" pointer
of the file, or NULL. NULL means "let userspace handle it".
*/
struct file *OpenFileForSecurity(char *Filename)
{
struct file *filp = NULL;
struct DynamicString *List;
umode_t permission;
EnterFunction("OpenFileForSecurity");
if (Filename==NULL)
goto out_error;
if (strlen(Filename)>=256 )
goto out_error; /* Sanity check */
/* Rule no. 1 -- No "?" characters */
#ifndef BENCHMARK
if (strchr(Filename,'?')!=NULL)
goto out_error;
/* Intermediate step: decode all %hex sequences */
DecodeHexChars(Filename);
/* Rule no. 2 -- Must start with a "/" */
if (Filename[0]!='/')
goto out_error;
#endif
/* Rule no. 3 -- Does the file exist ? */
filp = filp_open(Filename, O_RDONLY, 0);
if (IS_ERR(filp))
goto out_error;
#ifndef BENCHMARK
permission = filp->f_dentry->d_inode->i_mode;
/* Rule no. 4 : must have enough permissions */
if ((permission & sysctl_khttpd_permreq)==0)
goto out_error_put;
/* Rule no. 5 : cannot have "forbidden" permission */
if ((permission & sysctl_khttpd_permforbid)!=0)
goto out_error_put;
/* Rule no. 6 : No string in DynamicList can be a
substring of the filename */
List = DynamicList;
while (List!=NULL)
{
if (strstr(Filename,List->value)!=NULL)
goto out_error_put;
List = List->Next;
}
#endif
LeaveFunction("OpenFileForSecurity - success");
out:
return filp;
out_error_put:
fput(filp);
out_error:
filp=NULL;
LeaveFunction("OpenFileForSecurity - fail");
goto out;
}
/*
DecodeHexChars does the actual %HEX decoding, in place.
In place is possible because strings only get shorter by this.
*/
static void DecodeHexChars(char *URL)
{
char *Source,*Dest;
int val,val2;
EnterFunction("DecodeHexChars");
Source = strchr(URL,'%');
if (Source==NULL)
return;
Dest = Source;
while (*Source!=0)
{
if (*Source=='%')
{
Source++;
val = *Source;
if (val>'Z') val-=0x20;
val = val - '0';
if (val<0) val=0;
if (val>9) val-=7;
if (val>15) val=15;
Source++;
val2 = *Source;
if (val2>'Z') val2-=0x20;
val2 = val2 - '0';
if (val2<0) val2=0;
if (val2>9) val2-=7;
if (val2>15) val2=15;
*Dest=val*16+val2;
} else *Dest = *Source;
Dest++;
Source++;
}
*Dest=0;
LeaveFunction("DecodeHexChars");
}
void AddDynamicString(const char *String)
{
struct DynamicString *Temp;
EnterFunction("AddDynamicString");
Temp = (struct DynamicString*)kmalloc(sizeof(struct DynamicString),(int)GFP_KERNEL);
if (Temp==NULL)
return;
memset(Temp->value,0,sizeof(Temp->value));
strncpy(Temp->value,String,sizeof(Temp->value)-1);
Temp->Next = DynamicList;
DynamicList = Temp;
LeaveFunction("AddDynamicString");
}
void GetSecureString(char *String)
{
struct DynamicString *Temp;
int max;
EnterFunction("GetSecureString");
*String = 0;
memset(String,0,255);
strncpy(String,"Dynamic strings are : -",255);
Temp = DynamicList;
while (Temp!=NULL)
{
max=253 - strlen(String) - strlen(Temp->value);
strncat(String,Temp->value,max);
max=253 - strlen(String) - 3;
strncat(String,"- -",max);
Temp = Temp->Next;
}
LeaveFunction("GetSecureString");
}
![[BACK]](/icons/back.gif){kind=icon}
Return to security.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [Development] / linux-2.4-xfs / net / khttpd