Commit ZEN/security issue changes

This commit is contained in:
Jim Norman 2008-03-27 16:43:13 +00:00
parent c17c298d72
commit 91d35ccb7c
6 changed files with 74 additions and 22 deletions

View File

@ -70,6 +70,8 @@ namespace sscs.cache
private static string POLICY_DIRECTORY = "/home/.casa";
private MPFileWatcher mpWatcher = null;
private Secret m_DesktopSecret = new Secret(ConstStrings.MICASA_DESKTOP_PASSWD);
private DateTime createTime;
public DateTime CreateTime
{
@ -885,8 +887,25 @@ namespace sscs.cache
mpWatcher.resumeWatcher();
}
internal Secret GetDesktopSecret()
{
return m_DesktopSecret;
}
internal string GetDesktopPasswd()
{
try
{
Secret secret = GetDesktopSecret();
string passwd = secret.GetKeyValue(ConstStrings.MICASA_DESKTOP_PASSWD_KEYNAME).GetValue();
return passwd;
}
catch
{
CSSSLogger.DbgLog("Desktop password not set in Session");
}
try
{
string keyChainId = ConstStrings.SSCS_SESSION_KEY_CHAIN_ID + "\0";
@ -899,7 +918,9 @@ namespace sscs.cache
{
CSSSLogger.DbgLog("Desktop password not set");
}
return null;
}
internal string GetUserHomeDirectory()

View File

@ -34,6 +34,16 @@ namespace sscs.common
{
class CSSSUtils
{
public static bool AllowDesktopPasswordAccess()
{
#if LINUX
return true;
#else
return true;
#endif
}
public static bool IsFileOwnedByRoot(string filePath)
{
#if LINUX

View File

@ -44,7 +44,7 @@ namespace sscs.init
string sCredMgrPath = GetCredMgrPath();
if (sCredMgrPath != null)
{
RunProcess(sExePath, "/i /n /s " + "\"" + sCredMgrPath + "\"");
RunProcess(sExePath, "/i:thecommandline /n /s " + "\"" + sCredMgrPath + "\"");
}
}
}

View File

@ -97,7 +97,6 @@ namespace sscs.init
foreach (string arg in args)
{
System.Diagnostics.Trace.WriteLine("arg: " + arg);
System.Diagnostics.Debug.WriteLine("arg: " + arg);
}

View File

@ -77,8 +77,8 @@ namespace sscs.verbs
// get the store for the src
try
{
WinUserIdentifier srcUser = new WinUserIdentifier(luidLow, luidHigh);
SecretStore srcStore = SessionManager.GetUserSecretStore(srcUser);
//WinUserIdentifier srcUser = new WinUserIdentifier(luidLow, luidHigh);
SecretStore srcStore = SessionManager.GetUserSecretStore(userId);
KeyChain kcSrc = null;
KeyChain kcDest = null;
@ -104,7 +104,7 @@ namespace sscs.verbs
if (iDestroySrcCache > 0)
{
SessionManager.RemoveUserSession(srcUser, true);
srcStore.RemoveKeyChain(luidHigh.ToString() + luidLow.ToString());
}
}
else

View File

@ -206,8 +206,28 @@ namespace sscs.verbs
keyChain = ssStore.GetKeyChain(keyChainId);
Secret secret = null;
if (ConstStrings.MICASA_DESKTOP_PASSWD == secretId)
{
secret = ssStore.GetDesktopSecret();
if (common.CSSSUtils.AllowDesktopPasswordAccess())
{
if (keyChain.CheckIfSecretExists(secretId) == false)
{
keyChain.AddSecret(secret);
}
}
else
{
// NOTE: This removes secret is session too...
//keyChain.RemoveSecret(secretId);
}
}
else
{
// add this secret if it doesn't already exist
if( keyChain.CheckIfSecretExists(secretId) == false)
if (keyChain.CheckIfSecretExists(secretId) == false)
{
secret = new Secret(secretId);
keyChain.AddSecret(secret);
@ -216,6 +236,8 @@ namespace sscs.verbs
{
secret = keyChain.GetSecret(secretId);
}
}
string oldPasswd = null;
if((ConstStrings.MICASA_DESKTOP_PASSWD == secretId) &&
(ConstStrings.MICASA_DESKTOP_PASSWD_KEYNAME == key)