-
Notifications
You must be signed in to change notification settings - Fork 3
/
listing15.html
executable file
·516 lines (427 loc) · 18.3 KB
/
listing15.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/1999/REC-html401-19991224/loose.dtd">
<html>
<head>
<!-- BEGIN META TAG INFO -->
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<link rel="home" href="http://developer.apple.com/">
<link rel="find" href="http://developer.apple.com/search/">
<link rel="stylesheet" type="text/css" href="../../documentation/css/adcstyle.css" title="fonts">
<script language="JavaScript" src="../../documentation/js/adc.js" type="text/javascript"></script>
<!-- END META TAG INFO -->
<!-- BEGIN TITLE -->
<title>BSDLLCTest - /MoreAuthSample/MoreSecurity/MoreSecurityTest/MoreSecurityTestTool.c</title>
<!-- END TITLE -->
<script language="JavaScript">
function JumpToNewPage() {
window.location=document.scpopupmenu.gotop.value;
return true;
}
</script>
</head>
<!-- BEGIN BODY OPEN -->
<body>
<!--END BODY OPEN -->
<!-- START CENTER OPEN -->
<center>
<!-- END CENTER OPEN -->
<!-- BEGIN LOGO AND SEARCH -->
<!--#include virtual="/includes/adcnavbar"-->
<!-- END LOGO AND SEARCH -->
<!-- START BREADCRUMB -->
<div id="breadcrumb">
<table width="680" border="0" cellpadding="0" cellspacing="0">
<tr>
<td scope="row"><img width="340" height="10" src="images/1dot.gif" alt=""></td>
<td><img width="340" height="10" src="images/1dot.gif" alt=""></td>
</tr>
<tr valign="middle">
<td align="left" colspan="2">
<a href="http://developer.apple.com/">ADC Home</a> > <a href="../../referencelibrary/index.html">Reference Library</a> > <a href="../../samplecode/index.html">Sample Code</a> > <a href="../../samplecode/Networking/index.html">Networking</a> > <a href="../../samplecode/Networking/idxHardwareDrivers-date.html">Hardware & Drivers</a> > <A HREF="javascript:location.replace('index.html');">BSDLLCTest</A> >
</td>
</tr>
<tr>
<td colspan="2" scope="row"><img width="680" height="35" src="images/1dot.gif" alt=""></td>
</tr>
</table>
</div>
<!-- END BREADCRUMB -->
<!-- START MAIN CONTENT -->
<!-- START TITLE GRAPHIC AND INTRO-->
<table width="680" border="0" cellpadding="0" cellspacing="0">
<tr align="left" valign="top">
<td><h1><div id="pagehead">BSDLLCTest</div></h1></td>
</tr>
</table>
<!-- END TITLE GRAPHIC AND INTRO -->
<!-- START WIDE COLUMN -->
<table width="680" border="0" cellpadding="0" cellspacing="0">
<tr align="left" valign="top">
<td id="scdetails">
<h2>/MoreAuthSample/MoreSecurity/MoreSecurityTest/MoreSecurityTestTool.c</h2>
<form name="scpopupmenu" onSubmit="return false;" method=post>
<p><strong>View Source Code:</strong>
<select name="gotop" onChange="JumpToNewPage();" style="width:340px"><option selected value="ingnore">Select File</option>
<option value="listing1.html">/BSDLLCTest.c</option>
<option value="listing2.html">/BSDLLCTest.h</option>
<option value="listing3.html">/BSDLLCTestCommon.h</option>
<option value="listing4.html">/EthernetSocketStuff.c</option>
<option value="listing5.html">/EthernetSocketStuff.h</option>
<option value="listing6.html">/EthernetSocketTool.c</option>
<option value="listing7.html">/GetEthernetAddrSample.c</option>
<option value="listing8.html">/GetEthernetAddrSample.h</option>
<option value="listing9.html">/MoreAuthSample/MoreCFQ/MoreCFQ.c</option>
<option value="listing10.html">/MoreAuthSample/MoreCFQ/MoreCFQ.h</option>
<option value="listing11.html">/MoreAuthSample/MoreSecurity/MoreSecurity.c</option>
<option value="listing12.html">/MoreAuthSample/MoreSecurity/MoreSecurity.h</option>
<option value="listing13.html">/MoreAuthSample/MoreSecurity/MoreSecurityTest/MoreSecurityTest.c</option>
<option value="listing14.html">/MoreAuthSample/MoreSecurity/MoreSecurityTest/MoreSecurityTestCommon.h</option>
<option value="listing15.html">/MoreAuthSample/MoreSecurity/MoreSecurityTest/MoreSecurityTestTool.c</option>
<option value="listing16.html">/MoreAuthSample/MoreSecurity/ReadMeAboutMoreAuthSample.html</option>
<option value="listing17.html">/MoreAuthSample/MoreSetup.h</option>
<option value="listing18.html">/MoreAuthSample/MoreUNIX/MoreUNIX.c</option>
<option value="listing19.html">/MoreAuthSample/MoreUNIX/MoreUNIX.h</option>
<option value="listing20.html">/ReadMe-BSDLLCTest.html</option></select>
</p>
</form>
<p><strong><a href="BSDLLCTest.zip">Download Sample</a></strong> (“BSDLLCTest.zip”, 442.6K)<BR>
<strong><a href="BSDLLCTest.dmg">Download Sample</a></strong> (“BSDLLCTest.dmg”, 760.8K)</p>
<!--
<p><strong><a href="#">Download Sample</a></strong> (“filename.sit”, 500K)</p>
-->
</td>
</tr>
<tr>
<td scope="row"><img width="680" height="10" src="images/1dot.gif" alt=""><br>
<img height="1" width="680" src="images/1dot_919699.gif" alt=""><br>
<img width="680" height="20" src="images/1dot.gif" alt=""></td>
</tr>
<tr>
<td scope="row">
<!--googleon: index -->
<pre class="sourcecodebox">/* File: MoreSecurityTestTool.c Contains: Helper tool for the MoreSecurityTest program. Written by: DTS Copyright: Copyright © 2002 by Apple Computer, Inc., All Rights Reserved. Disclaimer: IMPORTANT: This Apple software is supplied to you by Apple Computer, Inc. ("Apple") in consideration of your agreement to the following terms, and your use, installation, modification or redistribution of this Apple software constitutes acceptance of these terms. If you do not agree with these terms, please do not use, install, modify or redistribute this Apple software. In consideration of your agreement to abide by the following terms, and subject to these terms, Apple grants you a personal, non-exclusive license, under Apple's copyrights in this original Apple software (the "Apple Software"), to use, reproduce, modify and redistribute the Apple Software, with or without modifications, in source and/or binary forms; provided that if you redistribute the Apple Software in its entirety and without modifications, you must retain this notice and the following text and disclaimers in all such redistributions of the Apple Software. Neither the name, trademarks, service marks or logos of Apple Computer, Inc. may be used to endorse or promote products derived from the Apple Software without specific prior written permission from Apple. Except as expressly stated in this notice, no other rights or licenses, express or implied, are granted by Apple herein, including but not limited to any patent rights that may be infringed by your derivative works or by other works in which the Apple Software may be incorporated. The Apple Software is provided by Apple on an "AS IS" basis. APPLE MAKES NO WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION THE IMPLIED WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, REGARDING THE APPLE SOFTWARE OR ITS USE AND OPERATION ALONE OR IN COMBINATION WITH YOUR PRODUCTS. IN NO EVENT SHALL APPLE BE LIABLE FOR ANY SPECIAL, INDIRECT, INCIDENTAL OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ARISING IN ANY WAY OUT OF THE USE, REPRODUCTION, MODIFICATION AND/OR DISTRIBUTION OF THE APPLE SOFTWARE, HOWEVER CAUSED AND WHETHER UNDER THEORY OF CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY OR OTHERWISE, EVEN IF APPLE HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. Change History (most recent first):$Log: MoreSecurityTestTool.c,v $Revision 1.5 2003/05/25 12:25:12 eskimo1Added the CVS Log keyword. It's a mystery why it wasn't already included.*//////////////////////////////////////////////////////////////////// System interfaces#include <stdio.h>#include <unistd.h>#include <sys/socket.h>#include <netinet/in.h>// MoreIsBetter interfaces#include "MoreUNIX.h"#include "MoreSecurity.h"#include "MoreCFQ.h"// Our interfaces#include "MoreSecurityTestCommon.h"/////////////////////////////////////////////////////////////////static OSStatus DoGetUIDsCommand(CFDictionaryRef *result) // Executes a very simple command, which just returns // the EUID, RUID, and SUID of the helper tool.{ OSStatus err; int junk; uid_t euid; uid_t ruid; uid_t suid; CFStringRef keys[3]; CFNumberRef values[3]; long long tmp; assert( result != NULL); assert(*result == NULL); euid = geteuid(); ruid = getuid(); // There's no direct accessor for the SUID, so I try to // set the EUID to 0. If that works, our SUID must be 0 (-: if ( (euid != 0) && (MoreSecSetPrivilegedEUID() == 0) ) { suid = 0; junk = MoreSecTemporarilySetNonPrivilegedEUID(); assert(junk == 0); } else { suid = ruid; } keys[0] = kMoreSecurityTestGetUIDsResponseRUID; keys[1] = kMoreSecurityTestGetUIDsResponseEUID; keys[2] = kMoreSecurityTestGetUIDsResponseSUID; tmp = euid; values[0] = CFNumberCreate(NULL, kCFNumberLongLongType, &tmp); tmp = ruid; values[1] = CFNumberCreate(NULL, kCFNumberLongLongType, &tmp); tmp = suid; values[2] = CFNumberCreate(NULL, kCFNumberLongLongType, &tmp); err = noErr; if (values[0] == NULL || values[1] == NULL || values[2] == NULL) { err = coreFoundationUnknownErr; } if (err == noErr) { *result = CFDictionaryCreate(NULL, (const void **) &keys, (const void **) &values, 3, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks); err = CFQError(*result); } CFQRelease(values[0]); CFQRelease(values[1]); CFQRelease(values[2]); assert( (err == noErr) == (*result != NULL) ); return err;}static OSStatus OpenAndBindDescAndAppendToArray(UInt16 port, CFMutableArrayRef descArray){ OSStatus err; int junk; int desc; CFNumberRef descNum; descNum = NULL; desc = socket(AF_INET, SOCK_STREAM, 0); err = EXXXToOSStatus( MoreUNIXErrno(desc) ); if (err == noErr) { descNum = CFNumberCreate(NULL, kCFNumberIntType, &desc); if (descNum == NULL) { err = coreFoundationUnknownErr; } } if (err == noErr) { struct sockaddr_in addr; memset(&addr, 0, sizeof(addr)); addr.sin_len = sizeof(addr); addr.sin_family = AF_INET; addr.sin_port = htons(port); err = MoreSecSetPrivilegedEUID(); if (err == 0) { static const int kOne = 1; err = setsockopt(desc, SOL_SOCKET, SO_REUSEADDR, (void *)&kOne, sizeof(kOne)); err = MoreUNIXErrno(err); if (err == 0) { err = bind(desc, (struct sockaddr *) &addr, sizeof(addr)); err = MoreUNIXErrno(err); } (void) MoreSecTemporarilySetNonPrivilegedEUID(); } err = EXXXToOSStatus(err); } if (err == noErr) { CFArrayAppendValue(descArray, descNum); } // Clean up. if (err != noErr) { if (desc != -1) { junk = close(desc); assert(junk == 0); } } CFQRelease(descNum); return err;}static OSStatus DoLowNumberedPortsCommand(CFDictionaryRef *result){ OSStatus err; CFMutableArrayRef descArray; assert( result != NULL); assert(*result == NULL); descArray = NULL; err = CFQArrayCreateMutable(&descArray); if (err == noErr) { err = OpenAndBindDescAndAppendToArray(130, descArray); } if (err == noErr) { err = OpenAndBindDescAndAppendToArray(131, descArray); } if (err == noErr) { err = OpenAndBindDescAndAppendToArray(132, descArray); } if (err == noErr) { CFStringRef key; key = kMoreSecFileDescriptorsKey; *result = CFDictionaryCreate(NULL, (const void **) &key, (const void **) &descArray, 1, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks); err = CFQError(*result); } if (err != noErr) { MoreSecCloseDescriptorArray(descArray); } CFQRelease(descArray); assert( (err == noErr) == (*result != NULL) ); return err;}static OSStatus TestToolCommandProc(AuthorizationRef auth, CFDictionaryRef request, CFDictionaryRef *result) // Our command callback for MoreSecHelperToolMain. Extracts // the command name from the request dictionary and calls // through to the appropriate command handler (in this case // there's only one).{ OSStatus err; CFStringRef command; assert(auth != NULL); assert(request != NULL); assert( result != NULL); assert(*result == NULL); assert(geteuid() == getuid()); err = noErr; command = (CFStringRef) CFDictionaryGetValue(request, kMoreSecurityTestCommandNameKey); if ( (command == NULL) || (CFGetTypeID(command) != CFStringGetTypeID()) ) { err = paramErr; } if (err == noErr) { if (CFEqual(command, kMoreSecurityTestGetUIDsCommand)) { static const char *kRightName = "com.apple.dts.MoreIsBetter.MoreSecurity.TestTool"; static const AuthorizationFlags kAuthFlags = kAuthorizationFlagDefaults | kAuthorizationFlagInteractionAllowed | kAuthorizationFlagExtendRights ; AuthorizationItem right = { kRightName, 0, NULL, 0 }; AuthorizationRights rights = { 1, &right }; // Before doing our privileged work, acquire an authorization right. // This allows the system administrator to configure the system // (via "/etc/authorization") for the security level that they want. // // Unfortunately, the default rule in "/etc/authorization" always // triggers a password dialog. Right now, there's no way around // this [2939908]. One commonly accepted workaround is to not // acquire a authorization right (ie don't call AuthorizationCopyRights // here) but instead limit your tool in some other way. For example, // an Internet setup assistant helper tool might only allow the user // to modify network locations that they created. #if MORE_DEBUG fprintf(stderr, "MoreSecurityTest: HelperTool: Calling ACR\n"); #endif err = AuthorizationCopyRights(auth, &rights, kAuthorizationEmptyEnvironment, kAuthFlags, NULL); #if MORE_DEBUG fprintf(stderr, "MoreSecurityTest: HelperTool: ACR returned %ld\n", err); #endif if (err == noErr) { err = DoGetUIDsCommand(result); } } else if (CFEqual(command, kMoreSecurityTestLowNumberPortCommand)) { // On the other hand, in this example, opening these low-numbered ports is // not considered a privileged operation, and so we don't acquire a right // before doing it. err = DoLowNumberedPortsCommand(result); } else { err = paramErr; } } return err;}int main(int argc, const char *argv[]) // Our main function. Apart from comments and debugging, this looks // remarkably like the template shown in "MoreSecurity.h" (-:{ int err; int result; AuthorizationRef auth; #if MORE_DEBUG if (1) { fprintf(stderr, "PID %qd starting\n", (long long) getpid()); fprintf(stderr, " EUID = %ld\n", (long) geteuid()); fprintf(stderr, " RUID = %ld\n", (long) getuid()); if (0) { fprintf(stderr, "Waiting for debugger\n"); (void) pause(); } } #endif // It's vital that we get any auth ref passed to us from // AuthorizationExecuteWithPrivileges before we call // MoreSecDestroyInheritedEnvironment, because AEWP passes its // auth ref to us via the environment. // // auth may come back as NULL, and that's just fine. It signals // that we're not being executed by AuthorizationExecuteWithPrivileges. auth = MoreSecHelperToolCopyAuthRef(); // Because we're normally running as a setuid root program, it's // important that we not trust any information coming to us from // our potentially malicious parent process. // MoreSecDestroyInheritedEnvironment eliminates all sources of // such information, so we can't depend on it ever if we try. err = MoreSecDestroyInheritedEnvironment(kMoreSecKeepStandardFilesMask, argv); // Mask SIGPIPE, otherwise stuff won't work properly. if (err == 0) { err = MoreUNIXIgnoreSIGPIPE(); } // Call the MoreSecurity helper routine. if (err == 0) { err = MoreSecHelperToolMain(STDIN_FILENO, STDOUT_FILENO, auth, TestToolCommandProc, argc, argv); } // Map the error code to a tool result. result = MoreSecErrorToHelperToolResult(err); #if MORE_DEBUG if (1) { fprintf(stderr, "PID %qd stopping\n", (long long) getpid()); fprintf(stderr, " err = %d\n", err); fprintf(stderr, " result = %d\n", result); } #endif return result;}</pre>
<!--googleoff: index -->
</td>
</tr>
</table>
<!-- END WIDE COLUMN -->
<!-- END MAIN CONTENT -->
<table width="680" border="0" cellpadding="0" cellspacing="0">
<tr>
<td><div style="width: 100%; height: 1px; background-color: #919699; margin-top: 5px; margin-bottom: 15px"></div></td>
</tr>
<tr>
<td align="center"><br/>
<table border="0" cellpadding="0" cellspacing="0" class="graybox">
<tr>
<th>Did this document help you?</th>
</tr>
<tr>
<td>
<div style="margin-bottom: 8px"><a href="http://developer.apple.com/feedback/?v=1&url=/samplecode/BSDLLCTest/listing15.html%3Fid%3DDTS10000692-1.0&media=dvd" target=_new>Yes</a>: Tell us what works for you.</div>
<div style="margin-bottom: 8px"><a href="http://developer.apple.com/feedback/?v=2&url=/samplecode/BSDLLCTest/listing15.html%3Fid%3DDTS10000692-1.0&media=dvd" target=_new>It’s good, but:</a> Report typos, inaccuracies, and so forth.</div>
<div><a href="http://developer.apple.com/feedback/?v=3&url=/samplecode/BSDLLCTest/listing15.html%3Fid%3DDTS10000692-1.0&media=dvd" target=_new>It wasn’t helpful</a>: Tell us what would have helped.</div>
</td>
</tr>
</table>
</td>
</tr>
</table>
<!-- START BOTTOM APPLE NAVIGATION -->
<!--#include virtual="/includes/footer"-->
<!-- END BOTTOM APPLE NAVIGATION -->
<!-- START CENTER CLOSE -->
</center>
<!-- END CENTER CLOSE -->
</body>
</html>