From 15784261dfaece73ef53f5beb5d3917a95dc1ae4 Mon Sep 17 00:00:00 2001
From: Colin Watson
Date: Sat, 26 May 2012 01:44:40 +0100
Subject: Add a sandbox fallback mechanism, so that behaviour on Linux depends on whether the running system's kernel has seccomp_filter support, not the build system's kernel (forwarded upstream as https://bugzilla.mindrot.org/show_bug.cgi?id=2011).

---
 sandbox.c | 82 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 82 insertions(+)
 create mode 100644 sandbox.c

(limited to 'sandbox.c')

diff --git a/sandbox.c b/sandbox.c
new file mode 100644
index 000000000..20fd57d16
--- /dev/null
+++ b/sandbox.c
@@ -0,0 +1,82 @@
+/* $Id$ */
+/*
+ * Copyright (c) 2012 Colin Watson
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include
+
+#include
+#include
+
+#include "log.h"
+#include "ssh-sandbox.h"
+
+static Sandbox *sandboxes[] = {
+ &ssh_sandbox_systrace,
+ &ssh_sandbox_darwin,
+ &ssh_sandbox_seccomp_filter,
+ &ssh_sandbox_rlimit,
+ &ssh_sandbox_null,
+ NULL
+};
+
+static Sandbox *selected;
+
+static void
+sandbox_select(void)
+{
+ Sandbox **sandbox;
+
+ if (selected)
+ return;
+
+ for (sandbox = sandboxes; sandbox; sandbox++) {
+ if ((*sandbox)->probe && (*sandbox)->probe()) {
+ selected = *sandbox;
+ return;
+ }
+ }
+
+ /* should never happen, as ssh_sandbox_null always succeeds */
+ fatal("no sandbox implementation found");
+}
+
+void *
+ssh_sandbox_init(void)
+{
+ sandbox_select();
+ return selected->init();
+}
+
+void
+ssh_sandbox_child(void *box)
+{
+ sandbox_select();
+ return selected->child(box);
+}
+
+void
+ssh_sandbox_parent_finish(void *box)
+{
+ sandbox_select();
+ return selected->parent_finish(box);
+}
+
+void
+ssh_sandbox_parent_preauth(void *box, pid_t child_pid)
+{
+ sandbox_select();
+ return selected->parent_preauth(box, child_pid);
+}
-- cgit v1.2.3
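Review bot: The loop in sandbox_select tests the array slot pointer instead of the entry it points to, so `for (sandbox = sandboxes; sandbox; sandbox++)` never stops at the NULL sentinel and would dereference it via `(*sandbox)->probe` if every probe failed; it should read `for (sandbox = sandboxes; *sandbox; sandbox++)`, after which the "should never happen" fatal() is actually reachable as intended. Today this is masked only by the expectation that ssh_sandbox_null always succeeds, which is a property of another file rather than of this loop. Separately, a silent fallback from seccomp_filter to rlimit or to the null sandbox is precisely what an operator hardening sshd wants to know about, so the chosen implementation should be logged at selection time — for example a `debug("sandbox: using %s", ...)` if the Sandbox struct carries a name field (not visible in this hunk), or at least a verbose() when `selected == &ssh_sandbox_null`. Finally, the three void wrappers use `return selected->child(box);` and friends with a value expression, which is a constraint violation in C that GCC only warns about; drop the `return` keyword in those three bodies.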