int main (int argc, char *argv[]) {
pid_t pid = flume_fork_safe();
if (pid) {
fprintf (stderr, "parent: my pid %d\n", getpid());
} else {
fprintf (stderr, "child: my pid %d\n", getpid());
/* creat the file before tainting ourselves! */
x_handle_tc h = 0x10000000000000f2LL;
x_labelset_tc ls;
memset ((void *)&ls, 0, sizeof (ls));
ls.S.len = 1;
ls.S.val = &h;
int fd = flume_open ("/home/output", O_CREAT | O_WRONLY | O_TRUNC, 0644,
&ls);
close(fd);
/* close the fd, and prove to the RM that we're safe */
flume_check_safe ();
/** The following line requests a secrecy handle that we do not own
* it would fail if we had not called flume_fork_safe()
*/
flume_status_tc r = flume_expand_label (LABEL_S, 0x10000000000000f2LL);
fprintf (stderr, "expand_label: return code %d\n", r);
x_label_tc *lab = label_alloc (0);
flume_get_label (lab, LABEL_S);
label_print (stderr, lab);
label_free (lab);
fprintf (stderr, "\n");
/* Read some secret data */
const char *file = "/home/yipal4";
int rc;
if ((rc = open(file, O_RDONLY)) < 0)
return 0;
/* output secret data to a tainted file */
fd = flume_open ("/home/output", O_WRONLY | O_TRUNC, 0644, &ls);
FILE *f = fdopen (fd, "w");
fprintf (f, "I know a secret!\n");
fclose (f);
close(fd);
}
return 0;
}
int main (int argc, char *argv[]) {
flume_status_tc status;
x_handle_tc h, t;
char *token;
/* Create a new handle */
status = flume_new_handle (&h, HANDLE_OPT_DEFAULT_ADD | HANDLE_OPT_PERSISTENT,
"testhandle");
if (status) {
printf ("error creating new handle\n");
exit (1);
}
printf ("new handle is %llx\n", h);
t = handle_construct (HANDLE_OPT_PERSISTENT |
CAPABILITY_SUBTRACT |
HANDLE_OPT_DEFAULT_ADD, h);
status = flume_make_login (t, 0, 0, &token);
printf ("random token is: %s\n", token);
if (status) {
printf ("error making login\n");
exit (1);
}
printf ("Stage 1 O label: ");
x_label_tc *lab = label_alloc (0);
flume_get_label (lab, LABEL_O);
label_print (stdout, lab);
label_free (lab);
fprintf (stderr, "\n");
/* Get rid of our capability */
status = flume_shrink_label (LABEL_O, h);
printf ("shrink_label: return code %d\n", status);
printf ("Stage 2 O label: ");
lab = label_alloc (0);
flume_get_label (lab, LABEL_O);
label_print (stdout, lab);
label_free (lab);
fprintf (stderr, "\n");
status = flume_req_privs (t, token);
printf ("Stage 4 O label: ");
lab = label_alloc (0);
flume_get_label (lab, LABEL_O);
label_print (stdout, lab);
label_free (lab);
fprintf (stderr, "\n");
t = handle_construct (HANDLE_OPT_PERSISTENT | HANDLE_OPT_DEFAULT_ADD, handle_base (h));
status = flume_expand_label (LABEL_S, t);
printf ("expand_label: return code %d\n", status);
printf ("Stage 4 S label: ");
lab = label_alloc (0);
flume_get_label (lab, LABEL_S);
label_print (stdout, lab);
label_free (lab);
fprintf (stderr, "\n");
return 0;
}
int selinux_setup(bool *loaded_policy) {
#ifdef HAVE_SELINUX
int enforce = 0;
usec_t before_load, after_load;
security_context_t con;
int r;
union selinux_callback cb;
assert(loaded_policy);
/* Turn off all of SELinux' own logging, we want to do that */
cb.func_log = null_log;
selinux_set_callback(SELINUX_CB_LOG, cb);
/* Already initialized by somebody else? */
r = getcon_raw(&con);
if (r == 0) {
bool initialized;
initialized = !streq(con, "kernel");
freecon(con);
if (initialized)
return 0;
}
/* Make sure we have no fds open while loading the policy and
* transitioning */
log_close();
/* Now load the policy */
before_load = now(CLOCK_MONOTONIC);
r = selinux_init_load_policy(&enforce);
if (r == 0) {
char timespan[FORMAT_TIMESPAN_MAX];
char *label;
retest_selinux();
/* Transition to the new context */
r = label_get_create_label_from_exe(SYSTEMD_BINARY_PATH, &label);
if (r < 0 || label == NULL) {
log_open();
log_error("Failed to compute init label, ignoring.");
} else {
r = setcon(label);
log_open();
if (r < 0)
log_error("Failed to transition into init label '%s', ignoring.", label);
label_free(label);
}
after_load = now(CLOCK_MONOTONIC);
log_info("Successfully loaded SELinux policy in %s.",
format_timespan(timespan, sizeof(timespan), after_load - before_load));
*loaded_policy = true;
} else {
log_open();
if (enforce > 0) {
log_error("Failed to load SELinux policy. Freezing.");
return -EIO;
} else
log_debug("Unable to load SELinux policy. Ignoring.");
}
#endif
return 0;
}
