lib/isc/fsaccess.c

49dbdb0186eb23d87d685b96eaefa9ec3c71d9b8David Lawrence/*
bd911976d51f102751848568ccf56592fd5f6d77Tinderbox User * Copyright (C) 2000, 2001, 2004, 2005, 2007, 2016, 2017  Internet Systems Consortium, Inc. ("ISC")
40f53fa8d9c6a4fc38c0014495e7a42b08f52481David Lawrence *
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews * This Source Code Form is subject to the terms of the Mozilla Public
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews * License, v. 2.0. If a copy of the MPL was not distributed with this
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews * file, You can obtain one at http://mozilla.org/MPL/2.0/.
49dbdb0186eb23d87d685b96eaefa9ec3c71d9b8David Lawrence */
49dbdb0186eb23d87d685b96eaefa9ec3c71d9b8David Lawrence
70e5a7403f0e0a3bd292b8287c5fed5772c15270Automatic Updater/* $Id: fsaccess.c,v 1.10 2007/06/19 23:47:17 tbox Exp $ */
49dbdb0186eb23d87d685b96eaefa9ec3c71d9b8David Lawrence
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein/*! \file
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein * \brief
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence * This file contains the OS-independent functionality of the API.
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence */
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence#include <isc/fsaccess.h>
a13e9f894ce1fa80b4076a40ade53982d8e9d1d9Mukund Sivaraman#include <isc/print.h>
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence#include <isc/result.h>
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence#include <isc/util.h>
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein/*!
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence * Shorthand.  Maybe ISC__FSACCESS_PERMISSIONBITS should not even be in
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence * <isc/fsaccess.h>.  Could check consistency with sizeof(isc_fsaccess_t)
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence * and the number of bits in each function.
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence */
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence#define STEP        (ISC__FSACCESS_PERMISSIONBITS)
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence#define GROUP       (STEP)
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence#define OTHER       (STEP * 2)
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrencevoid
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrenceisc_fsaccess_add(int trustee, int permission, isc_fsaccess_t *access) {
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence    REQUIRE(trustee <= 0x7);
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence    REQUIRE(permission <= 0xFF);
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence    if ((trustee & ISC_FSACCESS_OWNER) != 0)
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence        *access |= permission;
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence    if ((trustee & ISC_FSACCESS_GROUP) != 0)
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence        *access |= (permission << GROUP);
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence    if ((trustee & ISC_FSACCESS_OTHER) != 0)
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence        *access |= (permission << OTHER);
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence}
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrencevoid
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrenceisc_fsaccess_remove(int trustee, int permission, isc_fsaccess_t *access) {
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence    REQUIRE(trustee <= 0x7);
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence    REQUIRE(permission <= 0xFF);
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence    if ((trustee & ISC_FSACCESS_OWNER) != 0)
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence        *access &= ~permission;
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence    if ((trustee & ISC_FSACCESS_GROUP) != 0)
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence        *access &= ~(permission << GROUP);
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence    if ((trustee & ISC_FSACCESS_OTHER) != 0)
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence        *access &= ~(permission << OTHER);
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence}
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrencestatic isc_result_t
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrencecheck_bad_bits(isc_fsaccess_t access, isc_boolean_t is_dir) {
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence    isc_fsaccess_t bits;
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence    /*
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence     * Check for disallowed user bits.
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence     */
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence    if (is_dir)
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence        bits = ISC_FSACCESS_READ |
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence               ISC_FSACCESS_WRITE |
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence               ISC_FSACCESS_EXECUTE;
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence    else
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence        bits = ISC_FSACCESS_CREATECHILD |
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence               ISC_FSACCESS_ACCESSCHILD |
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence               ISC_FSACCESS_DELETECHILD |
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence               ISC_FSACCESS_LISTDIRECTORY;
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence    /*
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence     * Set group bad bits.
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence     */
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence    bits |= bits << STEP;
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence    /*
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence     * Set other bad bits.
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence     */
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence    bits |= bits << STEP;
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence    if ((access & bits) != 0) {
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence        if (is_dir)
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence            return (ISC_R_NOTFILE);
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence        else
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence            return (ISC_R_NOTDIRECTORY);
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence    }
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence    return (ISC_R_SUCCESS);
a904de0bc85cc3974a87a32deedb69d6a68ec36cDavid Lawrence}