diff options
| author | tpearson <tpearson@283d02a7-25f6-0310-bc7c-ecb5cbfe19da> | 2011-09-15 17:30:04 +0000 |
|---|---|---|
| committer | tpearson <tpearson@283d02a7-25f6-0310-bc7c-ecb5cbfe19da> | 2011-09-15 17:30:04 +0000 |
| commit | 9942172e2d42cb89996fe260f65ca2ec5d6d91cf (patch) | |
| tree | 3f477efffc5b2ebab790df3c1a3496694cf253bb /kdmlib/kdmtsak.cpp | |
| parent | 423ac393e5ab26b599b4be93555462287a5ea52f (diff) | |
| download | tdebase-9942172e2d42cb89996fe260f65ca2ec5d6d91cf.tar.gz tdebase-9942172e2d42cb89996fe260f65ca2ec5d6d91cf.zip | |
Export the kdmtsak calling executable validation routine in a header file
git-svn-id: svn://anonsvn.kde.org/home/kde/branches/trinity/kdebase@1253837 283d02a7-25f6-0310-bc7c-ecb5cbfe19da
Diffstat (limited to 'kdmlib/kdmtsak.cpp')
| -rw-r--r-- | kdmlib/kdmtsak.cpp | 141 |
1 files changed, 2 insertions, 139 deletions
diff --git a/kdmlib/kdmtsak.cpp b/kdmlib/kdmtsak.cpp index f00346182..2602025bb 100644 --- a/kdmlib/kdmtsak.cpp +++ b/kdmlib/kdmtsak.cpp @@ -18,146 +18,9 @@ Boston, MA 02110-1301, USA. */ -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <unistd.h> -#include <errno.h> -#include <fcntl.h> -#include <limits.h> -#include <dirent.h> -#include <sys/types.h> -#include <sys/stat.h> -#include <sys/select.h> -#include <sys/time.h> -#include <termios.h> -#include <signal.h> - -#include <tqstring.h> - -#include "config.h" - -#define FIFO_FILE "/tmp/ksocket-global/tsak" - -// #define DEBUG +#include "kdmtsak.h" int main (int argc, char *argv[]) { - int mPipe_fd; - char readbuf[128]; - int numread; - bool authorized = false; - - pid_t parentproc = getppid(); -#ifdef DEBUG - printf("Parent pid is: %d\n\r", parentproc); -#endif - - char parentexecutable[8192]; - TQString procparent = TQString("/proc/%1/exe").arg(parentproc); - int chars = readlink(procparent.ascii(), parentexecutable, sizeof(parentexecutable)); - parentexecutable[chars] = 0; - parentexecutable[8191] = 0; - procparent = parentexecutable; -#ifdef DEBUG - printf("Parent executable name and full path is: %s\n\r", procparent.ascii()); -#endif - - TQString tdeBinaryPath = TQString(KDE_BINDIR "/"); -#ifdef DEBUG - printf("The TDE binary path is: %s\n\r", tdeBinaryPath.ascii()); -#endif - - if (!procparent.startsWith(tdeBinaryPath)) { - printf("Unauthorized path detected in calling process\n\r"); - return 2; - } - else { - procparent = procparent.mid(tdeBinaryPath.length()); -#ifdef DEBUG - printf("Parent executable name is: %s\n\r", procparent.ascii()); -#endif - if ((procparent == "kdesktop") || (procparent == "kdesktop_lock") || (procparent == "kdm")) { - authorized = true; - } - else if (procparent == "kdeinit") { - printf("kdeinit detected\n\r"); - // A bit more digging is needed to see if this is an authorized process or not - // Get the kdeinit command - char kdeinitcmdline[8192]; - FILE *fp = fopen(TQString("/proc/%1/cmdline").arg(parentproc).ascii(),"r"); - if (fp != NULL) { - if (fgets (kdeinitcmdline, 8192, fp) != NULL) - fclose (fp); - } - kdeinitcmdline[8191] = 0; - TQString kdeinitCommand = kdeinitcmdline; - - // Also get the environment, specifically the path - TQString kdeinitEnvironment; - char kdeinitenviron[8192]; - fp = fopen(TQString("/proc/%1/environ").arg(parentproc).ascii(),"r"); - if (fp != NULL) { - int c; - int pos = 0; - do { - c = fgetc(fp); - kdeinitenviron[pos] = c; - pos++; - if (c == 0) { - TQString curEnvLine = kdeinitenviron; - if (curEnvLine.startsWith("PATH=")) { - kdeinitEnvironment = curEnvLine.mid(5); - } - pos = 0; - } - } while ((c != EOF) && (pos < 8192)); - fclose (fp); - } - kdeinitenviron[8191] = 0; - -#ifdef DEBUG - printf("Called executable name is: %s\n\r", kdeinitCommand.ascii()); - printf("Environment is: %s\n\r", kdeinitEnvironment.ascii()); -#endif - - if ((kdeinitCommand == "kdesktop [kdeinit]") && (kdeinitEnvironment.startsWith(KDE_BINDIR))) { - authorized = true; - } - else { - return 4; - } - } - else { - printf("Unauthorized calling process detected\n\r"); - return 3; - } - - if (authorized == true) { - // OK, the calling process is authorized to retrieve SAK data - // First, flush the buffer - mPipe_fd = open(FIFO_FILE, O_RDWR | O_NONBLOCK); - numread = 1; - while (numread > 0) { - numread = read(mPipe_fd, readbuf, 128); - } - // Now wait for SAK press - mPipe_fd = open(FIFO_FILE, O_RDWR); - if (mPipe_fd > -1) { - numread = read(mPipe_fd, readbuf, 128); - readbuf[numread] = 0; - readbuf[127] = 0; - close(mPipe_fd); - if (strcmp(readbuf, "SAK\n\r") == 0) { - return 0; - } - else { - return 1; - } - } - return 6; - } - } - - return 5; + return tde_sak_verify_calling_process(); }
\ No newline at end of file |