frederik
/
xserver
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

xace: rename hostlist security hook to "server" as this hook will be used 

for other types of server access besides just the host list.
This commit is contained in:
Eamon Walsh 2007-08-15 14:14:25 -04:00 committed by Eamon Walsh
parent dc84bb3418
commit 3c9553ac2c
7 changed files with 17 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
Xext/security.c
View File

@ -1222,10 +1222,10 @@ SecurityCheckExtAccess(CallbackListPtr *pcbl, pointer unused,
} }
static void static void
SecurityCheckHostlistAccess(CallbackListPtr *pcbl, pointer unused, SecurityCheckServerAccess(CallbackListPtr *pcbl, pointer unused,
pointer calldata) pointer calldata)
{ {
XaceHostlistAccessRec *rec = (XaceHostlistAccessRec*)calldata; XaceServerAccessRec *rec = (XaceServerAccessRec*)calldata;
if (TRUSTLEVEL(rec->client) != XSecurityClientTrusted) if (TRUSTLEVEL(rec->client) != XSecurityClientTrusted)
{ {
@ -1851,5 +1851,5 @@ SecurityExtensionInit(INITARGS)
XaceRC(XACE_BACKGRND_ACCESS, SecurityCheckBackgrndAccess, NULL); XaceRC(XACE_BACKGRND_ACCESS, SecurityCheckBackgrndAccess, NULL);
XaceRC(XACE_EXT_DISPATCH, SecurityCheckExtAccess, NULL); XaceRC(XACE_EXT_DISPATCH, SecurityCheckExtAccess, NULL);
XaceRC(XACE_EXT_ACCESS, SecurityCheckExtAccess, NULL); XaceRC(XACE_EXT_ACCESS, SecurityCheckExtAccess, NULL);
XaceRC(XACE_HOSTLIST_ACCESS, SecurityCheckHostlistAccess, NULL); XaceRC(XACE_SERVER_ACCESS, SecurityCheckServerAccess, NULL);
} /* SecurityExtensionInit */ } /* SecurityExtensionInit */

4
Xext/xace.c
View File

@ -135,8 +135,8 @@ int XaceHook(int hook, ...)
prv = &rec.status; prv = &rec.status;
break; break;
} }
case XACE_HOSTLIST_ACCESS: { case XACE_SERVER_ACCESS: {
XaceHostlistAccessRec rec = { XaceServerAccessRec rec = {
va_arg(ap, ClientPtr), va_arg(ap, ClientPtr),
va_arg(ap, Mask), va_arg(ap, Mask),
Success /* default allow */ Success /* default allow */

2
Xext/xace.h
View File

@ -49,7 +49,7 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#define XACE_MAP_ACCESS 6 #define XACE_MAP_ACCESS 6
#define XACE_BACKGRND_ACCESS 7 #define XACE_BACKGRND_ACCESS 7
#define XACE_EXT_ACCESS 8 #define XACE_EXT_ACCESS 8
#define XACE_HOSTLIST_ACCESS 9 #define XACE_SERVER_ACCESS 9
#define XACE_SELECTION_ACCESS 10 #define XACE_SELECTION_ACCESS 10
#define XACE_SCREEN_ACCESS 11 #define XACE_SCREEN_ACCESS 11
#define XACE_SCREENSAVER_ACCESS 12 #define XACE_SCREENSAVER_ACCESS 12

6
Xext/xacestr.h
View File

@ -86,12 +86,12 @@ typedef struct {
int status; int status;
} XaceExtAccessRec; } XaceExtAccessRec;
/* XACE_HOSTLIST_ACCESS */ /* XACE_SERVER_ACCESS */
typedef struct { typedef struct {
ClientPtr client; ClientPtr client;
Mask access_mode; Mask access_mode;
int status; int status;
} XaceHostlistAccessRec; } XaceServerAccessRec;
/* XACE_SELECTION_ACCESS */ /* XACE_SELECTION_ACCESS */
typedef struct { typedef struct {
@ -101,6 +101,8 @@ typedef struct {
int status; int status;
} XaceSelectionAccessRec; } XaceSelectionAccessRec;
/* XACE_SCREEN_ACCESS */
/* XACE_SCREENSAVER_ACCESS */
typedef struct { typedef struct {
ClientPtr client; ClientPtr client;
ScreenPtr screen; ScreenPtr screen;

8
Xext/xselinux.c
View File

@ -1175,15 +1175,15 @@ XSELinuxDrawable(CallbackListPtr *pcbl, pointer unused, pointer calldata)
} /* XSELinuxDrawable */ } /* XSELinuxDrawable */
static void static void
XSELinuxHostlist(CallbackListPtr *pcbl, pointer unused, pointer calldata) XSELinuxServer(CallbackListPtr *pcbl, pointer unused, pointer calldata)
{ {
XaceHostlistAccessRec *rec = (XaceHostlistAccessRec*)calldata; XaceServerAccessRec *rec = (XaceServerAccessRec*)calldata;
access_vector_t perm = (rec->access_mode == DixReadAccess) ? access_vector_t perm = (rec->access_mode == DixReadAccess) ?
XSERVER__GETHOSTLIST : XSERVER__SETHOSTLIST; XSERVER__GETHOSTLIST : XSERVER__SETHOSTLIST;
if (ServerPerm(rec->client, SECCLASS_XSERVER, perm) != Success) if (ServerPerm(rec->client, SECCLASS_XSERVER, perm) != Success)
rec->status = BadAccess; rec->status = BadAccess;
} /* XSELinuxHostlist */ } /* XSELinuxServer */
/* Extension callbacks */ /* Extension callbacks */
static void static void
@ -1397,7 +1397,7 @@ XSELinuxExtensionInit(INITARGS)
XaceRegisterCallback(XACE_EXT_DISPATCH, XSELinuxExtDispatch, NULL); XaceRegisterCallback(XACE_EXT_DISPATCH, XSELinuxExtDispatch, NULL);
XaceRegisterCallback(XACE_RESOURCE_ACCESS, XSELinuxResLookup, NULL); XaceRegisterCallback(XACE_RESOURCE_ACCESS, XSELinuxResLookup, NULL);
XaceRegisterCallback(XACE_MAP_ACCESS, XSELinuxMap, NULL); XaceRegisterCallback(XACE_MAP_ACCESS, XSELinuxMap, NULL);
XaceRegisterCallback(XACE_HOSTLIST_ACCESS, XSELinuxHostlist, NULL); XaceRegisterCallback(XACE_SERVER_ACCESS, XSELinuxServer, NULL);
XaceRegisterCallback(XACE_BACKGRND_ACCESS, XSELinuxBackgrnd, NULL); XaceRegisterCallback(XACE_BACKGRND_ACCESS, XSELinuxBackgrnd, NULL);
XaceRegisterCallback(XACE_DRAWABLE_ACCESS, XSELinuxDrawable, NULL); XaceRegisterCallback(XACE_DRAWABLE_ACCESS, XSELinuxDrawable, NULL);
XaceRegisterCallback(XACE_PROPERTY_ACCESS, XSELinuxProperty, NULL); XaceRegisterCallback(XACE_PROPERTY_ACCESS, XSELinuxProperty, NULL);

2
dix/dispatch.c
View File

@ -3346,7 +3346,7 @@ ProcListHosts(ClientPtr client)
REQUEST_SIZE_MATCH(xListHostsReq); REQUEST_SIZE_MATCH(xListHostsReq);
/* untrusted clients can't list hosts */ /* untrusted clients can't list hosts */
result = XaceHook(XACE_HOSTLIST_ACCESS, client, DixReadAccess); result = XaceHook(XACE_SERVER_ACCESS, client, DixReadAccess);
if (result != Success) if (result != Success)
return result; return result;

2
os/access.c
View File

@ -1500,7 +1500,7 @@ AuthorizedClient(ClientPtr client)
return TRUE; return TRUE;
/* untrusted clients can't change host access */ /* untrusted clients can't change host access */
if (XaceHook(XACE_HOSTLIST_ACCESS, client, DixWriteAccess) != Success) if (XaceHook(XACE_SERVER_ACCESS, client, DixWriteAccess) != Success)
return FALSE; return FALSE;
return LocalClient(client); return LocalClient(client);