*** empty log message ***

svn path=/trunk/boinc/; revision=10403
Charlie Fenton 2006-06-20 00:55:32 +00:00
parent c745174e90
commit 1676a31281
5 changed files with 88 additions and 41 deletions


@ -6330,3 +6330,21 @@ David 19 June 2006
client/
client_state.h
Charlie 19 June 2006
- Mac sandbox:
- Better support for development
- XCode sets BOINC Manager bundle to current user & group, sets
S_ISUID | S_ISGID bits for Client, S_ISGID bit for Manager.
- ACTIVE_TASK::start launches project app via new switcher app
- Client runs projects under different user and group boinc_project.
client/
check_security.C
clientgui/
mac/
SetupSecurity.cpp,h
mac_build/
boinc.xcodeproj/
project.pbxproj


@ -52,29 +52,71 @@ int check_security() {
struct stat sbuf;
int retval;
#ifdef __WXMAC__ // If Mac BOINC Manager
ProcessSerialNumber ourPSN, parentPSN;
ProcessSerialNumber ourPSN;
ProcessInfoRec pInfo;
FSRef ourFSRef;
char *p;
#endif
#ifdef _DEBUG
// GDB can't attach to applications which are running as a diferent user or group so
// it ignores the S_ISUID and S_ISGID permisison bits when launching an application.
// To work around this, the _DEBUG version uses the current user and group.
// To work around this, and to allow testing the uninstalled Deployment version, we
// assume that the BOINC Client has the correct user and group.
// We must get the BOINC Client's user and group differently depending on whether we
// were called from the Manager or from the Client
#ifdef __WXMAC__ // If Mac BOINC Manager
// Get the full path to BOINC Manager application's bundle
retval = GetCurrentProcess (&ourPSN);
if (retval)
return retval; // Should never happen
memset(&pInfo, 0, sizeof(pInfo));
pInfo.processInfoLength = sizeof( ProcessInfoRec );
retval = GetProcessInformation(&ourPSN, &pInfo);
if (retval)
return retval; // Should never happen
retval = GetProcessBundleLocation(&ourPSN, &ourFSRef);
if (retval)
return retval; // Should never happen
retval = FSRefMakePath (&ourFSRef, (UInt8*)dir_path, sizeof(dir_path));
if (retval)
return retval; // Should never happen
// Get the full path to BOINC Clients inside this application's bundle
strlcpy(full_path, dir_path, sizeof(full_path));
strlcat(full_path, "/Contents/Resources/boinc", sizeof(full_path));
retval = stat(full_path, &sbuf);
if (retval)
return retval; // Should never happen
if ((sbuf.st_mode & (S_ISUID | S_ISGID)) != (S_ISUID | S_ISGID))
return ERR_USER_PERMISSION;
boinc_master_uid = sbuf.st_gid;
boinc_master_gid = sbuf.st_uid;
#else
boinc_master_uid = geteuid();
boinc_master_gid = getegid();
#endif
#if 1 // (was: #if _DEBUG) See comment above
pw = getpwuid(boinc_master_uid);
if (pw == NULL)
return ERR_USER_REJECTED; // Should never happen
strlcpy(boinc_master_user_name, pw->pw_name, sizeof(boinc_master_user_name));
boinc_master_gid = getegid();
grp = getgrgid(boinc_master_gid);
if (grp == NULL)
return ERR_GETGRNAM;
strlcpy(boinc_master_group_name, grp->gr_name, sizeof(boinc_master_group_name));
#else // if (! _DEBUG)
#else // Require absolute owner and group by boinc_master:boinc_master
strlcpy(boinc_master_user_name, REAL_BOINC_MASTER_NAME, sizeof(boinc_master_user_name));
pw = getpwnam(boinc_master_user_name);
if (pw == NULL)
@ -86,7 +128,7 @@ int check_security() {
if (grp == NULL)
return ERR_GETGRNAM; // Group boinc_master does not exist
boinc_master_gid = grp->gr_gid;
#endif // ! _DEBUG
#endif
#if (defined(_DEBUG) && defined(DEBUG_WITH_FAKE_PROJECT_USER_AND_GROUP))
// For easier debugging of project applications
@ -117,35 +159,6 @@ int check_security() {
#endif
#ifdef __WXMAC__ // If Mac BOINC Manager
// Get the full path to BOINC Manager application's bundle
retval = GetCurrentProcess (&ourPSN);
if (retval)
return retval; // Should never happen
memset(&pInfo, 0, sizeof(pInfo));
pInfo.processInfoLength = sizeof( ProcessInfoRec );
retval = GetProcessInformation(&ourPSN, &pInfo);
if (retval)
return retval; // Should never happen
retval = GetProcessBundleLocation(&ourPSN, &ourFSRef);
if (retval)
return retval; // Should never happen
retval = FSRefMakePath (&ourFSRef, (UInt8*)dir_path, sizeof(dir_path));
if (retval)
return retval; // Should never happen
parentPSN = pInfo.processLauncher;
memset(&pInfo, 0, sizeof(pInfo));
pInfo.processInfoLength = sizeof( ProcessInfoRec );
retval = GetProcessInformation(&parentPSN, &pInfo);
if (retval)
return retval; // Should never happen
// If we are running under the GDB debugger, ignore owner,
// group and permissions of BOINC Manager and BOINC Client
if (pInfo.processSignature != 'xcde') { // Login Window app
// Get the full path to BOINC Manager executable inside this application's bundle
strlcpy(full_path, dir_path, sizeof(full_path));
strlcat(full_path, "/Contents/MacOS/", sizeof(full_path));
@ -168,6 +181,7 @@ int check_security() {
if ((sbuf.st_mode & S_ISGID) != S_ISGID)
return ERR_USER_PERMISSION;
#if 0
// Get the full path to BOINC Clients inside this application's bundle
strlcpy(full_path, dir_path, sizeof(full_path));
strlcat(full_path, "/Contents/Resources/boinc", sizeof(full_path));
@ -181,10 +195,7 @@ int check_security() {
if (sbuf.st_uid != boinc_master_uid)
return ERR_USER_PERMISSION;
if ((sbuf.st_mode & (S_ISUID | S_ISGID)) != (S_ISUID | S_ISGID))
return ERR_USER_PERMISSION;
} // If not running under GDB debugger
#endif
#endif // Mac BOINC Manager
// rgid = getgid();
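Review bot: In the new `__WXMAC__` block near the top of the first hunk the two assignments from `sbuf` are crossed: `boinc_master_uid = sbuf.st_gid;` and `boinc_master_gid = sbuf.st_uid;` store the client binary's group in the uid variable and its owner in the gid variable. The `getpwuid(boinc_master_uid)` and `getgrgid(boinc_master_gid)` lookups that follow then resolve the wrong ids, so the resulting names, and presumably any later ownership comparisons, are only right when uid and gid happen to be equal; the lines should read `boinc_master_uid = sbuf.st_uid;` and `boinc_master_gid = sbuf.st_gid;`. Separately, `#if 1 // (was: #if _DEBUG)` leaves the `#else` branch that pins `REAL_BOINC_MASTER_NAME` unreachable in every build, so the expected owner is taken from the file being checked (or from the effective ids) rather than from a fixed account. If that is meant for development only, a comment saying so and a guard that restores the strict branch for installed Deployment builds would keep the check meaningful. check_security() starts and ends outside these hunks.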


@ -54,6 +54,10 @@ static AuthorizationRef gOurAuthRef = NULL;
// GDB can't attach to applications which are running as a diferent user or group so
// it ignores the S_ISUID and S_ISGID permisison bits when launching an application.
// To work around this, the _DEBUG version uses the current user and group.
//
// NOTE: The Manager and Client call these routines only "#ifdef _DEBUG" (i.e.,
// only from the DEVELOPMENT BUILD), never from the Deployment build.
//
static char boinc_master_user_name[64];
static char boinc_master_group_name[64];
static char boinc_project_user_name[64];


@ -21,8 +21,8 @@
#ifdef _DEBUG
// Comment out this #define for easier debugging of project applications.
// Leave it active for better debugging of SANDBOX permissions logic.
#define DEBUG_WITH_FAKE_PROJECT_USER_AND_GROUP
// Make it active for better debugging of SANDBOX permissions logic.
// #define DEBUG_WITH_FAKE_PROJECT_USER_AND_GROUP
#endif


@ -1539,6 +1539,7 @@
DDD7F08807F0692D00BA3B90 /* CopyFiles */,
DD8F75CB088D159D001AFCCA /* ShellScript */,
DD5FD5B20A02351A0093C19F /* ShellScript */,
DDF10D960A476D37001F76D6 /* ShellScript */,
);
buildRules = (
DD6826EE08641BE00070CDB8 /* PBXBuildRule */,
@ -2405,6 +2406,19 @@
shellPath = /bin/sh;
shellScript = "if [ ! \"$BUILD_DIR/../../clientgui/mac/BOINCSaver.nib\" -nt \"$BUILD_DIR/../../clientgui/mac/BOINCSaver.nib.sit\" ]; then\nrm -dfR \"$BUILD_DIR/../../clientgui/mac/BOINCSaver.nib\"\nopen \"$BUILD_DIR/../../clientgui/mac/BOINCSaver.nib.sit\"\nsleep 6\ntouch \"$BUILD_DIR/../../clientgui/mac/BOINCSaver.nib\"\nfi\n";
};
DDF10D960A476D37001F76D6 /* ShellScript */ = {
isa = PBXShellScriptBuildPhase;
buildActionMask = 2147483647;
files = (
);
inputPaths = (
);
outputPaths = (
);
runOnlyForDeploymentPostprocessing = 0;
shellPath = /bin/sh;
shellScript = "chown -R ${USER}:${GROUP} \"${BUILT_PRODUCTS_DIR}/BOINCManager.app\"\nchmod g+s \"${BUILT_PRODUCTS_DIR}/BOINCManager.app/Contents/MacOS/BOINCManager\"\nchmod u+s,g+s \"${BUILT_PRODUCTS_DIR}/BOINCManager.app/Contents/Resources/boinc\"\n";
};
/* End PBXShellScriptBuildPhase section */
/* Begin PBXSourcesBuildPhase section */
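Review bot: The new `DDF10D960A476D37001F76D6` script phase puts set-uid and set-gid bits on `Contents/Resources/boinc` for whichever account runs the build, and with `runOnlyForDeploymentPostprocessing = 0` it does so in every configuration. Because the owner comes from `${USER}:${GROUP}`, a build run from a privileged account would leave a set-uid binary owned by that account in the products directory. A short comment in the script stating that this is for development layouts, plus a check that refuses to run when the effective uid is 0, would make the intent explicit. The three commands are also not chained, so a failed `chown -R` is still followed by both `chmod` calls; starting the script with `set -e` and quoting the owner argument as `"${USER}:${GROUP}"` would stop at the first error.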