
Viewing changes to trampoline/trampoline.c

  • Committer: mattgiuca
  • Date: 2008-01-29 02:57:10 UTC
  • Revision ID: svn-v3-trunk0:2b9c9e99-6f39-0410-b283-7f802c844ae2:trunk:322
Added doc/setup - a setup guide specific to our configuration. This is the
result of my successfully configuring IVLE on a production server.

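--- a/trampoline/trampoline.c
+++ b/trampoline/trampoline.c
@@ -39,7 +39,6 @@
 #include <unistd.h>
 #include <sys/types.h>
 #include <sys/stat.h>
-#include <limits.h>
 
 /* conf.h is admin-configured by the setup process.
  * It defines jail_base.
@@ -125,7 +124,6 @@
     int uid;
     int arg_num = 1;
     int daemon_mode = 0;
-    char canonical_jailpath[PATH_MAX];
 
     /* Disallow execution from all users but the whitelisted ones, and root */
     if (!uid_allowed(getuid()))
@@ -162,15 +160,15 @@
         exit(1);
     }
 
-    /* Jail path must be an absolute path,
-     * and it must begin with jail_base.
+    /* Jail path must:
+     * Be non-empty
+     * Start with a '/'
+     * Not contain "/.."
+     * Begin with jail_base
      */
-    if (norm(canonical_jailpath, PATH_MAX, jailpath) != 0)
-    {
-        fprintf(stderr, "bad jail path: %s\n", jailpath);
-        exit(1);
-    }
-    if (strncmp(canonical_jailpath, jail_base, strlen(jail_base)))
+    if (strlen(jailpath) < 1 || jailpath[0] != '/'
+            || strstr(jailpath, "/..")
+            || strncmp(jailpath, jail_base, strlen(jail_base)))
     {
         fprintf(stderr, "bad jail path: %s\n", jailpath);
         exit(1);
@@ -178,8 +176,8 @@
 
     /* chroot into the jail.
      * Henceforth this process, and its children, cannot see anything above
-     * canoncial_jailpath. */
-    if (chroot(canonical_jailpath))
+     * jailpath. */
+    if (chroot(jailpath))
     {
         perror("could not chroot");
         exit(1);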
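Review bot: The prefix test `strncmp(jailpath, jail_base, strlen(jail_base))` in the rewritten jail-path check accepts any path whose text merely starts with jail_base, so unless conf.h defines jail_base with a trailing '/', a sibling directory sharing that prefix would pass and be handed to `chroot(jailpath)`. If jail_base has no trailing slash, requiring a separator at the boundary closes that gap: take `size_t n = strlen(jail_base);` and add `|| (jailpath[n] != '/' && jailpath[n] != '\0')` to the condition. The check is also purely textual on the caller-supplied string, so a symlink below jail_base is not resolved before the chroot; comparing the output of `realpath()` against jail_base would cover that, and would need `<limits.h>` kept for PATH_MAX. The enclosing function starts and ends outside these hunks, so whether a later step constrains the path further cannot be seen here.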