geos_one/CASA
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

bug 222012. Better enforce persistent directory location

Browse Source
This commit is contained in:
Jim Norman 2007-01-04 08:54:07 +00:00
parent 67e99fc3d9
commit d0a9891cdf
3 changed files with 523 additions and 471 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CASA/CASA.changes
View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Thu Jan 4 13:37:03 MST 2007 - jnorman@novell.com
- Bug 221012. Based on code review, enhance persistent directory
policy.
-------------------------------------------------------------------
Wed Jan 3 08:12:10 MST 2007 - jnorman@novell.com

43
CASA/micasad/cache/SecretStore.cs vendored
View File

@ -37,6 +37,11 @@ using sscs.crypto;
using Novell.CASA.CASAPolicy;
#if LINUX
using Mono.Unix.Native;
#endif
namespace sscs.cache
{
class SecretStore
@ -1135,5 +1140,43 @@ namespace sscs.cache
Mono.Unix.Native.Syscall.umask(permissions);
#endif
}
internal bool IsDirectoryOwnedByUser(string sPath)
{
#if LINUX
try
{
Stat stat = new Stat();
int rcode = Syscall.stat(sPath, out stat);
if (stat.st_uid == (uint)this.user.UserIdentifier.GetUID())
{
FilePermissions fp = stat.st_mode;
if ((fp & FilePermissions.S_IWUSR) != FilePermissions.S_IWUSR)
{
return false;
}
else
{
return true;
}
}
else
{
return false;
}
}
catch (Exception e)
{
return false;
}
#else
return true;
#endif
}
}
}

7
CASA/micasad/verbs/ObjectSerialization.cs
View File

@ -277,9 +277,12 @@ namespace sscs.verbs
cpd.SetErrorMessage("Directory not allowed");
return wo;
}
#endif
if (!ssStore.IsDirectoryOwnedByUser(sNewDir))
{
cpd.SetErrorMessage("Directory not owned by user");
return wo;
}
// copy all .miCASA* files to new location
string[] files = Directory.GetFiles(sOldDir, ".miCASA*");