// Copyright 2017 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include #include "sandbox/linux/syscall_broker/broker_command.h" #include "sandbox/linux/syscall_broker/broker_permission_list.h" namespace sandbox { namespace syscall_broker { bool CommandAccessIsSafe(const BrokerCommandSet& command_set, const BrokerPermissionList& policy, const char* requested_filename, int requested_mode, const char** filename_to_use) { return command_set.test(COMMAND_ACCESS) && policy.GetFileNameIfAllowedToAccess(requested_filename, requested_mode, filename_to_use); } bool CommandMkdirIsSafe(const BrokerCommandSet& command_set, const BrokerPermissionList& policy, const char* requested_filename, const char** filename_to_use) { return command_set.test(COMMAND_MKDIR) && policy.GetFileNameIfAllowedToOpen(requested_filename, O_RDWR | O_CREAT | O_EXCL, filename_to_use, nullptr); } bool CommandOpenIsSafe(const BrokerCommandSet& command_set, const BrokerPermissionList& policy, const char* requested_filename, int requested_flags, const char** filename_to_use, bool* unlink_after_open) { return command_set.test(COMMAND_OPEN) && policy.GetFileNameIfAllowedToOpen( requested_filename, requested_flags & ~kCurrentProcessOpenFlagsMask, filename_to_use, unlink_after_open); } bool CommandReadlinkIsSafe(const BrokerCommandSet& command_set, const BrokerPermissionList& policy, const char* requested_filename, const char** filename_to_use) { return command_set.test(COMMAND_READLINK) && policy.GetFileNameIfAllowedToOpen(requested_filename, O_RDONLY, filename_to_use, nullptr); } bool CommandRenameIsSafe(const BrokerCommandSet& command_set, const BrokerPermissionList& policy, const char* old_filename, const char* new_filename, const char** old_filename_to_use, const char** new_filename_to_use) { return command_set.test(COMMAND_RENAME) && policy.GetFileNameIfAllowedToOpen(old_filename, O_RDWR | O_CREAT | O_EXCL, old_filename_to_use, nullptr) && policy.GetFileNameIfAllowedToOpen(new_filename, O_RDWR | O_CREAT | O_EXCL, new_filename_to_use, nullptr); } bool CommandRmdirIsSafe(const BrokerCommandSet& command_set, const BrokerPermissionList& policy, const char* requested_filename, const char** filename_to_use) { return command_set.test(COMMAND_RMDIR) && policy.GetFileNameIfAllowedToOpen(requested_filename, O_RDWR | O_CREAT | O_EXCL, filename_to_use, nullptr); } bool CommandStatIsSafe(const BrokerCommandSet& command_set, const BrokerPermissionList& policy, const char* requested_filename, const char** filename_to_use) { return command_set.test(COMMAND_STAT) && policy.GetFileNameIfAllowedToStat(requested_filename, filename_to_use); } bool CommandUnlinkIsSafe(const BrokerCommandSet& command_set, const BrokerPermissionList& policy, const char* requested_filename, const char** filename_to_use) { return command_set.test(COMMAND_UNLINK) && policy.GetFileNameIfAllowedToOpen(requested_filename, O_RDWR | O_CREAT | O_EXCL, filename_to_use, nullptr); } } // namespace syscall_broker } // namespace sandbox