| blob | ca91264133b510c0a5fde36588c57385a4adef92 |
1 /* $NetBSD: policy.c,v 1.1 2009/03/26 22:11:45 ad Exp $ */
3 /*-
4 * Copyright (c) 2009 The NetBSD Foundation, Inc.
5 * All rights reserved.
6 *
7 * This code is derived from software contributed to The NetBSD Foundation
8 * by Andrew Doran.
9 *
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
12 * are met:
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29 * POSSIBILITY OF SUCH DAMAGE.
30 */
32 /*-
33 * Copyright (c) 2007 Pawel Jakub Dawidek <pjd@FreeBSD.org>
34 * All rights reserved.
35 *
36 * Redistribution and use in source and binary forms, with or without
37 * modification, are permitted provided that the following conditions
38 * are met:
39 * 1. Redistributions of source code must retain the above copyright
40 * notice, this list of conditions and the following disclaimer.
41 * 2. Redistributions in binary form must reproduce the above copyright
42 * notice, this list of conditions and the following disclaimer in the
43 * documentation and/or other materials provided with the distribution.
44 *
45 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
46 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
47 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
48 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
49 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
50 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
51 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
52 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
53 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
54 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
55 * SUCH DAMAGE.
56 */
58 #include <sys/param.h>
59 #include <sys/priv.h>
60 #include <sys/vnode.h>
61 #include <sys/mount.h>
62 #include <sys/stat.h>
63 #include <sys/policy.h>
65 int
67 {
70 }
72 int
74 {
77 }
79 int
81 {
84 }
86 int
88 {
92 }
94 int
96 {
100 }
102 /*
103 * This check is done in kern_link(), so we could just return 0 here.
104 */
105 int
107 {
110 }
112 int
114 {
117 }
119 int
121 {
124 }
127 int
129 {
130 uid_t uid;
138 // return kauth_authorize_system(cred, KAUTH_SYSTEM_MOUNT,
139 // KAUTH_REQ_SYSTEM_MOUNT_NEW, vfsp, NULL, NULL);
140 }
142 int
145 {
152 }
154 /*
155 * Check privileges for setting xvattr attributes
156 */
157 int
159 {
160 /* return kauth_authorize_system(cred, KAUTH_SYSTEM_MOUNT,
161 KAUTH_REQ_SYSTEM_MOUNT_UPDATE, vfsp, NULL, NULL);*/
163 }
165 int
167 {
170 }
172 int
174 {
178 NULL));
180 }
182 int
184 {
187 NULL));
188 /* return (priv_check_cred(cred, PRIV_VFS_CHOWN, 0)); */
189 }
191 int
193 {
196 }
198 int
200 {
203 /*return (priv_check_cred(cred, PRIV_VFS_ADMIN, 0));*/
204 }
206 int
209 {
210 /*
211 * Privileged processes may set the sticky bit on non-directories,
212 * as well as set the setgid bit on a file with a group that the process
213 * is not a member of. Both of these are allowed in jail(8).
214 */
218 }
219 /*
220 * Check for privilege if attempting to set the
221 * group-id bit.
222 */
227 }
229 int
233 {
236 }
238 void
240 {
247 }
250 }
252 #ifdef notyet
253 int
255 {
260 }
262 int
266 {
276 }
278 /*
279 * If not the owner of the file then check privilege
280 * for two things: the privilege to set the mode at all
281 * and, if we're setting setuid, we also need permissions
282 * to add the set-uid bit, if we're not the owner.
283 * In the specific case of creating a set-uid root
284 * file, we need even more permissions.
285 */
294 }
300 /*
301 * To change the owner of a file, or change the group of a file to a
302 * group of which we are not a member, the caller must have
303 * privilege.
304 */
311 }
316 }
317 }
319 /*
320 * From utimes(2):
321 * If times is NULL, ... The caller must be the owner of
322 * the file, have permission to write the file, or be the
323 * super-user.
324 * If times is non-NULL, ... The caller must be the owner of
325 * the file or be the super-user.
326 */
332 }
334 }
336 int
338 {
341 }
343 int
345 {
348 }
350 void
352 {
361 }
362 }
363 }
364 #endif