/[path-sandbox]/trunk/libsandbox.c
Gentoo

Diff of /trunk/libsandbox.c

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

Revision 143 Revision 144
1148 char *log_path = NULL; 1148 char *log_path = NULL;
1149 int old_errno = errno; 1149 int old_errno = errno;
1150 int result = 1; 1150 int result = 1;
1151 int log_file = 0; 1151 int log_file = 0;
1152 int debug = 0; 1152 int debug = 0;
1153 int color = ((getenv("NOCOLOR") != NULL) ? 0 : 1);
1153 1154
1154 init_wrappers(); 1155 init_wrappers();
1155 1156
1156 absolute_path = filter_path(file, 0); 1157 absolute_path = filter_path(file, 0);
1157 if (NULL == absolute_path) 1158 if (NULL == absolute_path)
1168 } 1169 }
1169 1170
1170 result = check_access(sbcontext, func, absolute_path, resolved_path); 1171 result = check_access(sbcontext, func, absolute_path, resolved_path);
1171 1172
1172 if ((0 == result) && (1 == sbcontext->show_access_violation)) { 1173 if ((0 == result) && (1 == sbcontext->show_access_violation)) {
1173 fprintf(stderr, "\e[31;01mACCESS DENIED\033[0m %s:%*s%s\n", 1174 EERROR(color, "ACCESS DENIED", " %s:%*s%s\n",
1174 func, (int)(10 - strlen(func)), "", absolute_path); 1175 func, (int)(10 - strlen(func)), "", absolute_path);
1175 } else if ((1 == debug) && (1 == sbcontext->show_access_violation)) { 1176 } else if ((1 == debug) && (1 == sbcontext->show_access_violation)) {
1176 fprintf(stderr, "\e[32;01mACCESS ALLOWED\033[0m %s:%*s%s\n", 1177 EINFO(color, "ACCESS ALLOWED", " %s:%*s%s\n",
1177 func, (int)(10 - strlen(func)), "", absolute_path); 1178 func, (int)(10 - strlen(func)), "", absolute_path);
1178 } else if ((1 == debug) && (0 == sbcontext->show_access_violation)) { 1179 } else if ((1 == debug) && (0 == sbcontext->show_access_violation)) {
1179 fprintf(stderr, "\e[33;01mACCESS PREDICTED\033[0m %s:%*s%s\n", 1180 EWARN(color, "ACCESS PREDICTED", " %s:%*s%s\n",
1180 func, (int)(10 - strlen(func)), "", absolute_path); 1181 func, (int)(10 - strlen(func)), "", absolute_path);
1181 } 1182 }
1182 1183
1183 if ((NULL != log_path) && 1184 if ((NULL != log_path) &&
1184 (((0 == debug) && (0 == result) && (1 == sbcontext->show_access_violation)) || 1185 (((0 == debug) && (0 == result) && (1 == sbcontext->show_access_violation)) ||
1192 (int)(10 - strlen(func)), "", 1193 (int)(10 - strlen(func)), "",
1193 absolute_path); 1194 absolute_path);
1194 } 1195 }
1195 if ((0 == lstat(log_path, &log_stat)) && 1196 if ((0 == lstat(log_path, &log_stat)) &&
1196 (0 == S_ISREG(log_stat.st_mode))) { 1197 (0 == S_ISREG(log_stat.st_mode))) {
1197 fprintf(stderr, "%s %s %s", 1198 EERROR(color, "SECURITY BREACH", " '%s' %s\n", log_path,
1198 "\e[31;01mSECURITY BREACH\033[0m", log_path,
1199 "already exists and is not a regular file.\n"); 1199 "already exists and is not a regular file!");
1200 } else { 1200 } else {
1201 check_dlsym(open); 1201 check_dlsym(open);
1202 log_file = true_open(log_path, O_APPEND | O_WRONLY | 1202 log_file = true_open(log_path, O_APPEND | O_WRONLY |
1203 O_CREAT, S_IRUSR | S_IWUSR | S_IRGRP | 1203 O_CREAT, S_IRUSR | S_IWUSR | S_IRGRP |
1204 S_IROTH); 1204 S_IROTH);

Legend:
Removed from v.143  
changed lines
  Added in v.144

  ViewVC Help
Powered by ViewVC 1.1.20