diff options
author | Timothy Pearson <[email protected]> | 2012-01-22 01:02:36 -0600 |
---|---|---|
committer | Timothy Pearson <[email protected]> | 2012-01-22 01:02:36 -0600 |
commit | b81e43465b14836b17e4fe2dea91c78a2bdd29b3 (patch) | |
tree | 7815d61ce59a6ccb6e655ed44f5fea786f520985 /kdmlib/kdmtsak.h | |
parent | 7021f40c13f949b7cb5ded32d0241d648a43bf6c (diff) | |
download | tdebase-b81e43465b14836b17e4fe2dea91c78a2bdd29b3.tar.gz tdebase-b81e43465b14836b17e4fe2dea91c78a2bdd29b3.zip |
Part 2 of prior commit
Diffstat (limited to 'kdmlib/kdmtsak.h')
-rw-r--r-- | kdmlib/kdmtsak.h | 144 |
1 files changed, 0 insertions, 144 deletions
diff --git a/kdmlib/kdmtsak.h b/kdmlib/kdmtsak.h deleted file mode 100644 index 1987a8218..000000000 --- a/kdmlib/kdmtsak.h +++ /dev/null @@ -1,144 +0,0 @@ -/* - This file is part of the TDE project - Copyright (C) 2011 Timothy Pearson <[email protected]> - - This library is free software; you can redistribute it and/or - modify it under the terms of the GNU Library General Public - License as published by the Free Software Foundation; either - version 2 of the License, or (at your option) any later version. - - This library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Library General Public License for more details. - - You should have received a copy of the GNU Library General Public License - along with this library; see the file COPYING.LIB. If not, write to - the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, - Boston, MA 02110-1301, USA. -*/ - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <unistd.h> -#include <errno.h> -#include <fcntl.h> -#include <limits.h> -#include <dirent.h> -#include <sys/types.h> -#include <sys/stat.h> -#include <sys/select.h> -#include <sys/time.h> -#include <termios.h> -#include <signal.h> - -#include <tqstring.h> - -#include "config.h" - -// #define DEBUG - -inline int tde_sak_verify_calling_process() -{ - bool authorized = false; - - // Root always has access to everything... - if (getuid() == 0) { - return 0; - } - - pid_t parentproc = getppid(); -#ifdef DEBUG - printf("Parent pid is: %d\n\r", parentproc); -#endif - - char parentexecutable[8192]; - TQString procparent = TQString("/proc/%1/exe").arg(parentproc); - int chars = readlink(procparent.ascii(), parentexecutable, sizeof(parentexecutable)); - parentexecutable[chars] = 0; - parentexecutable[8191] = 0; - procparent = parentexecutable; -#ifdef DEBUG - printf("Parent executable name and full path is: %s\n\r", procparent.ascii()); -#endif - - TQString tdeBinaryPath = TQString(KDE_BINDIR "/"); -#ifdef DEBUG - printf("The TDE binary path is: %s\n\r", tdeBinaryPath.ascii()); -#endif - - if (!procparent.startsWith(tdeBinaryPath)) { - printf("Unauthorized path detected in calling process\n\r"); - return 2; - } - else { - procparent = procparent.mid(tdeBinaryPath.length()); -#ifdef DEBUG - printf("Parent executable name is: %s\n\r", procparent.ascii()); -#endif - if ((procparent == "kdesktop") || (procparent == "kdesktop_lock") || (procparent == "tdm")) { - authorized = true; - } - else if (procparent == "tdeinit") { - printf("tdeinit detected\n\r"); - // A bit more digging is needed to see if this is an authorized process or not - // Get the tdeinit command - char tdeinitcmdline[8192]; - FILE *fp = fopen(TQString("/proc/%1/cmdline").arg(parentproc).ascii(),"r"); - if (fp != NULL) { - if (fgets (tdeinitcmdline, 8192, fp) != NULL) - fclose (fp); - } - tdeinitcmdline[8191] = 0; - TQString tdeinitCommand = tdeinitcmdline; - - // Also get the environment, specifically the path - TQString tdeinitEnvironment; - char tdeinitenviron[8192]; - fp = fopen(TQString("/proc/%1/environ").arg(parentproc).ascii(),"r"); - if (fp != NULL) { - int c; - int pos = 0; - do { - c = fgetc(fp); - tdeinitenviron[pos] = c; - pos++; - if (c == 0) { - TQString curEnvLine = tdeinitenviron; - if (curEnvLine.startsWith("PATH=")) { - tdeinitEnvironment = curEnvLine.mid(5); - } - pos = 0; - } - } while ((c != EOF) && (pos < 8192)); - fclose (fp); - } - tdeinitenviron[8191] = 0; - -#ifdef DEBUG - printf("Called executable name is: %s\n\r", tdeinitCommand.ascii()); - printf("Environment is: %s\n\r", tdeinitEnvironment.ascii()); -#endif - - if ((tdeinitCommand == "kdesktop [tdeinit]") && (tdeinitEnvironment.startsWith(KDE_BINDIR))) { - authorized = true; - } - else { - return 4; - } - } - else { - printf("Unauthorized calling process detected\n\r"); - return 3; - } - - if (authorized == true) { - return 0; - } - } - - return 5; -} - -#undef DEBUG
\ No newline at end of file |