int main (int argc, char *argv[]) { pid_t pid = flume_fork_safe(); if (pid) { fprintf (stderr, "parent: my pid %d\n", getpid()); } else { fprintf (stderr, "child: my pid %d\n", getpid()); /* creat the file before tainting ourselves! */ x_handle_tc h = 0x10000000000000f2LL; x_labelset_tc ls; memset ((void *)&ls, 0, sizeof (ls)); ls.S.len = 1; ls.S.val = &h; int fd = flume_open ("/home/output", O_CREAT | O_WRONLY | O_TRUNC, 0644, &ls); close(fd); /* close the fd, and prove to the RM that we're safe */ flume_check_safe (); /** The following line requests a secrecy handle that we do not own * it would fail if we had not called flume_fork_safe() */ flume_status_tc r = flume_expand_label (LABEL_S, 0x10000000000000f2LL); fprintf (stderr, "expand_label: return code %d\n", r); x_label_tc *lab = label_alloc (0); flume_get_label (lab, LABEL_S); label_print (stderr, lab); label_free (lab); fprintf (stderr, "\n"); /* Read some secret data */ const char *file = "/home/yipal4"; int rc; if ((rc = open(file, O_RDONLY)) < 0) return 0; /* output secret data to a tainted file */ fd = flume_open ("/home/output", O_WRONLY | O_TRUNC, 0644, &ls); FILE *f = fdopen (fd, "w"); fprintf (f, "I know a secret!\n"); fclose (f); close(fd); } return 0; }
int main (int argc, char *argv[]) { flume_status_tc status; x_handle_tc h, t; char *token; /* Create a new handle */ status = flume_new_handle (&h, HANDLE_OPT_DEFAULT_ADD | HANDLE_OPT_PERSISTENT, "testhandle"); if (status) { printf ("error creating new handle\n"); exit (1); } printf ("new handle is %llx\n", h); t = handle_construct (HANDLE_OPT_PERSISTENT | CAPABILITY_SUBTRACT | HANDLE_OPT_DEFAULT_ADD, h); status = flume_make_login (t, 0, 0, &token); printf ("random token is: %s\n", token); if (status) { printf ("error making login\n"); exit (1); } printf ("Stage 1 O label: "); x_label_tc *lab = label_alloc (0); flume_get_label (lab, LABEL_O); label_print (stdout, lab); label_free (lab); fprintf (stderr, "\n"); /* Get rid of our capability */ status = flume_shrink_label (LABEL_O, h); printf ("shrink_label: return code %d\n", status); printf ("Stage 2 O label: "); lab = label_alloc (0); flume_get_label (lab, LABEL_O); label_print (stdout, lab); label_free (lab); fprintf (stderr, "\n"); status = flume_req_privs (t, token); printf ("Stage 4 O label: "); lab = label_alloc (0); flume_get_label (lab, LABEL_O); label_print (stdout, lab); label_free (lab); fprintf (stderr, "\n"); t = handle_construct (HANDLE_OPT_PERSISTENT | HANDLE_OPT_DEFAULT_ADD, handle_base (h)); status = flume_expand_label (LABEL_S, t); printf ("expand_label: return code %d\n", status); printf ("Stage 4 S label: "); lab = label_alloc (0); flume_get_label (lab, LABEL_S); label_print (stdout, lab); label_free (lab); fprintf (stderr, "\n"); return 0; }
int selinux_setup(bool *loaded_policy) { #ifdef HAVE_SELINUX int enforce = 0; usec_t before_load, after_load; security_context_t con; int r; union selinux_callback cb; assert(loaded_policy); /* Turn off all of SELinux' own logging, we want to do that */ cb.func_log = null_log; selinux_set_callback(SELINUX_CB_LOG, cb); /* Already initialized by somebody else? */ r = getcon_raw(&con); if (r == 0) { bool initialized; initialized = !streq(con, "kernel"); freecon(con); if (initialized) return 0; } /* Make sure we have no fds open while loading the policy and * transitioning */ log_close(); /* Now load the policy */ before_load = now(CLOCK_MONOTONIC); r = selinux_init_load_policy(&enforce); if (r == 0) { char timespan[FORMAT_TIMESPAN_MAX]; char *label; retest_selinux(); /* Transition to the new context */ r = label_get_create_label_from_exe(SYSTEMD_BINARY_PATH, &label); if (r < 0 || label == NULL) { log_open(); log_error("Failed to compute init label, ignoring."); } else { r = setcon(label); log_open(); if (r < 0) log_error("Failed to transition into init label '%s', ignoring.", label); label_free(label); } after_load = now(CLOCK_MONOTONIC); log_info("Successfully loaded SELinux policy in %s.", format_timespan(timespan, sizeof(timespan), after_load - before_load)); *loaded_policy = true; } else { log_open(); if (enforce > 0) { log_error("Failed to load SELinux policy. Freezing."); return -EIO; } else log_debug("Unable to load SELinux policy. Ignoring."); } #endif return 0; }