• R/O
  • SSH
  • HTTPS

tomoyo: コミット


コミットメタ情報

リビジョン6682 (tree)
日時2019-01-24 19:35:04
作者kumaneko

ログメッセージ

(メッセージはありません)

変更サマリ

差分

--- trunk/2.5.x/tomoyo-tools/kernel_test/tomoyo_bprm_test.c (revision 6681)
+++ trunk/2.5.x/tomoyo-tools/kernel_test/tomoyo_bprm_test.c (revision 6682)
@@ -178,6 +178,7 @@
178178 ccs_test_init();
179179 fprintf(domain_fp, "%s " BINDIR "/true\n", self_domain);
180180 fprintf(domain_fp, "use_profile 255\n");
181+ fprintf(domain_fp, "use_group 0\n");
181182 fprintf(domain_fp, "select pid=%u\n", pid);
182183 fprintf(domain_fp, "file read/write %s\n", proc_policy_domain_policy);
183184 set_profile(3, "file::execute");
--- trunk/2.5.x/tomoyo-tools/kernel_test/tomoyo_new_file_test.c (revision 6681)
+++ trunk/2.5.x/tomoyo-tools/kernel_test/tomoyo_new_file_test.c (revision 6682)
@@ -118,6 +118,7 @@
118118 size_t size = sizeof(buffer);
119119 int pipe_fd[2] = { EOF, EOF };
120120 int err = 0;
121+ int flags;
121122 int fd;
122123 char pbuffer[1024];
123124 struct stat sbuf;
@@ -184,6 +185,38 @@
184185 write_domain_policy(policy, 1);
185186 show_result(uselib("/tmp/uselib"), 0);
186187
188+ policy = "file write /dev/null";
189+ fd = open("/dev/null", O_WRONLY);
190+ show_result(fd, 0);
191+ close(fd);
192+ write_domain_policy(policy, 0);
193+ fd = open("/dev/null", O_WRONLY);
194+ show_result(fd, 1);
195+ write_domain_policy(policy, 1);
196+ flags = fcntl(fd, F_GETFL, 0) | O_APPEND;
197+ policy = "file append /dev/null";
198+ show_result(fcntl(fd, F_SETFL, flags), 0);
199+ write_domain_policy(policy, 0);
200+ show_result(fcntl(fd, F_SETFL, flags), 1);
201+ write_domain_policy(policy, 1);
202+ close(fd);
203+
204+ policy = "file append /dev/null";
205+ fd = open("/dev/null", O_WRONLY | O_APPEND);
206+ show_result(fd, 0);
207+ close(fd);
208+ write_domain_policy(policy, 0);
209+ fd = open("/dev/null", O_WRONLY | O_APPEND);
210+ show_result(fd, 1);
211+ write_domain_policy(policy, 1);
212+ flags = fcntl(fd, F_GETFL, 0) & ~O_APPEND;
213+ policy = "file write /dev/null";
214+ show_result(fcntl(fd, F_SETFL, flags), 0);
215+ write_domain_policy(policy, 0);
216+ show_result(fcntl(fd, F_SETFL, flags), 1);
217+ write_domain_policy(policy, 1);
218+ close(fd);
219+
187220 policy = "file execute " BINDIR "/true task.uid!=10 path1.parent.uid=0";
188221 write_domain_policy(policy, 0);
189222 fflush(stdout);
@@ -625,6 +658,7 @@
625658 make_elf_lib();
626659 fprintf(domain_fp, "%s " BINDIR "/true\n", self_domain);
627660 fprintf(domain_fp, "use_profile 255\n");
661+ fprintf(domain_fp, "use_group 0\n");
628662 fprintf(domain_fp, "select pid=%u\n", pid);
629663 fprintf(profile_fp, "255-PREFERENCE={ max_reject_log=1024 }\n");
630664 stage_file_test();
旧リポジトリブラウザで表示