Changeset 7eada71 in rtems


Ignore:
Timestamp:
Nov 18, 2014, 6:35:30 AM (5 years ago)
Author:
Sebastian Huber <sebastian.huber@…>
Branches:
4.11, master
Children:
478455e0
Parents:
ffd5285
git-author:
Sebastian Huber <sebastian.huber@…> (11/18/14 06:35:30)
git-committer:
Sebastian Huber <sebastian.huber@…> (11/20/14 09:30:26)
Message:

shell: Add mode, UID and GID to shell commands

Use this information to determine if a command is visible to the current
user and if the current user is allowed to execute this command.

Location:
cpukit/libmisc/shell
Files:
7 edited

Legend:

Unmodified
Added
Removed
  • cpukit/libmisc/shell/cmds.c

    rffd5285 r7eada71  
    5151  if (strcmp("exit", e->command) != 0) {
    5252    rtems_shell_cmd_t *shell_cmd =
    53       (rtems_shell_cmd_t *) malloc(sizeof(rtems_shell_cmd_t));
     53      (rtems_shell_cmd_t *) calloc(1, sizeof(*shell_cmd));
    5454
    5555    if (shell_cmd != NULL) {
     
    5858      shell_cmd->usage   = e->usage;
    5959      shell_cmd->command = rtems_shell_main_monitor;
    60       shell_cmd->alias   = NULL;
    61       shell_cmd->next    = NULL;
    6260
    6361      if (rtems_shell_add_cmd_struct(shell_cmd) == NULL) {
  • cpukit/libmisc/shell/internal.h

    rffd5285 r7eada71  
    2626rtems_shell_topic_t * rtems_shell_lookup_topic(const char *topic);
    2727
     28bool rtems_shell_can_see_cmd(const rtems_shell_cmd_t *shell_cmd);
     29
    2830int rtems_shell_execute_cmd(const char *cmd, int argc, char *argv[]);
    2931
  • cpukit/libmisc/shell/main_alias.c

    rffd5285 r7eada71  
    3535
    3636rtems_shell_cmd_t rtems_shell_ALIAS_Command = {
    37   "alias",                                /* name */
    38   "alias old new",                        /* usage */
    39   "misc",                                 /* topic */
    40   rtems_shell_rtems_main_alias,           /* command */
    41   NULL,                                   /* alias */
    42   NULL                                    /* next */
     37  .name = "alias",
     38  .usage = "alias old new",
     39  .topic = "misc",
     40  .command = rtems_shell_rtems_main_alias,
     41  .mode = S_IRUSR | S_IXUSR | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH
    4342};
  • cpukit/libmisc/shell/main_help.c

    rffd5285 r7eada71  
    2828 */
    2929static int rtems_shell_help_cmd(
    30   rtems_shell_cmd_t *shell_cmd
     30  const rtems_shell_cmd_t *shell_cmd
    3131)
    3232{
    3333  const char * pc;
    3434  int    col,line;
     35
     36  if (!rtems_shell_can_see_cmd(shell_cmd)) {
     37    return 0;
     38  }
    3539
    3640  printf("%-12.12s - ",shell_cmd->name);
     
    150154
    151155rtems_shell_cmd_t rtems_shell_HELP_Command  =  {
    152   "help",                                       /* name  */
    153    "help [topic] # list of usage of commands",  /* usage */
    154   "help",                                       /* topic */
    155   rtems_shell_help,                             /* command */
    156   NULL,                                         /* alias */
    157   NULL                                          /* next */
     156  .name = "help",
     157  .usage = "help [topic] # list of usage of commands",
     158  .topic = "help",
     159  .command = rtems_shell_help,
     160  .mode = S_IRUSR | S_IXUSR | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH
    158161};
  • cpukit/libmisc/shell/main_time.c

    rffd5285 r7eada71  
    7676
    7777rtems_shell_cmd_t rtems_shell_TIME_Command = {
    78   "time",                                     /* name */
    79   "time command [arguments...]",              /* usage */
    80   "misc",                                     /* topic */
    81   rtems_shell_main_time,                      /* command */
    82   NULL,                                       /* alias */
    83   NULL                                        /* next */
     78  .name = "time",
     79  .usage = "time command [arguments...]",
     80  .topic = "misc",
     81  .command = rtems_shell_main_time,
     82  .mode = S_IRUSR | S_IXUSR | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH
    8483};
  • cpukit/libmisc/shell/shell.h

    rffd5285 r7eada71  
    1919
    2020#include <sys/types.h>
     21#include <sys/stat.h>
    2122#include <rtems.h>
    2223#include <stdio.h>
     
    8485  rtems_shell_cmd_t     *alias;
    8586  rtems_shell_cmd_t     *next;
     87  mode_t                 mode;
     88  uid_t                  uid;
     89  gid_t                  gid;
    8690};
    8791
  • cpukit/libmisc/shell/shell_cmdset.c

    rffd5285 r7eada71  
    3030#include <rtems/shell.h>
    3131#include <rtems/shellconfig.h>
     32#include <rtems/libio_.h>
    3233#include "internal.h"
    3334
     
    123124  }
    124125
     126  /* Ensure that the user can read and execute commands */
     127  shell_cmd->mode |= S_IRUSR | S_IXUSR;
     128
    125129  /* Append */
    126130  *next_ptr = shell_cmd;
     
    153157
    154158  /* Allocate command stucture */
    155   shell_cmd = (rtems_shell_cmd_t *) malloc(sizeof(rtems_shell_cmd_t));
     159  shell_cmd = (rtems_shell_cmd_t *) calloc(1, sizeof(*shell_cmd));
    156160  if (shell_cmd == NULL) {
    157161    return NULL;
     
    168172  shell_cmd->usage   = my_usage;
    169173  shell_cmd->command = command;
    170   shell_cmd->alias   = NULL;
    171   shell_cmd->next    = NULL;
    172174
    173175  if (rtems_shell_add_cmd_struct(shell_cmd) == NULL) {
     
    209211         shell_cmd->command
    210212      );
    211       if (shell_aux)
     213      if (shell_aux) {
    212214        shell_aux->alias = shell_cmd;
     215        shell_aux->mode = shell_cmd->mode;
     216        shell_aux->uid = shell_cmd->uid;
     217        shell_aux->gid = shell_cmd->gid;
     218      }
    213219    }
    214220  }
    215221  return shell_aux;
     222}
     223
     224bool rtems_shell_can_see_cmd(const rtems_shell_cmd_t *shell_cmd)
     225{
     226  return rtems_filesystem_check_access(
     227    RTEMS_FS_PERMS_READ,
     228    shell_cmd->mode,
     229    shell_cmd->uid,
     230    shell_cmd->gid
     231  );
     232}
     233
     234static bool rtems_shell_can_execute_cmd(const rtems_shell_cmd_t *shell_cmd)
     235{
     236  return rtems_filesystem_check_access(
     237    RTEMS_FS_PERMS_EXEC,
     238    shell_cmd->mode,
     239    shell_cmd->uid,
     240    shell_cmd->gid
     241  );
    216242}
    217243
     
    226252  shell_cmd = rtems_shell_lookup_cmd(argv[0]);
    227253
     254  if (shell_cmd != NULL && !rtems_shell_can_see_cmd(shell_cmd)) {
     255    shell_cmd = NULL;
     256  }
     257
    228258  if (shell_cmd == NULL) {
    229259    return rtems_shell_script_file(argc, argv);
     260  } else if (rtems_shell_can_execute_cmd(shell_cmd)) {
     261    return shell_cmd->command(argc, argv);
    230262  } else {
    231     return shell_cmd->command(argc, argv);
    232   }
    233 }
     263    fprintf(stderr, "%s: Permission denied\n", cmd);
     264
     265    return -1;
     266  }
     267}
Note: See TracChangeset for help on using the changeset viewer.