Menu
▾
▴
[Squeak-Commits] squeak/platforms/unix/plugins/SecurityPlugin sqUnixSecurity.c,1.2,1.3
|
From: Brenda L. <asp...@us...> - 2003-05-12 07:39:39
|
Update of /cvsroot/squeak/squeak/platforms/unix/plugins/SecurityPlugin In directory sc8-pr-cvs1:/tmp/cvs-serv6251/plugins/SecurityPlugin Modified Files: sqUnixSecurity.c Log Message: Ian Piumarta's release 3.4.1 Index: sqUnixSecurity.c =================================================================== RCS file: /cvsroot/squeak/squeak/platforms/unix/plugins/SecurityPlugin/sqUnixSecurity.c,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** sqUnixSecurity.c 6 Mar 2002 23:59:11 -0000 1.2 --- sqUnixSecurity.c 12 May 2003 07:39:04 -0000 1.3 *************** *** 1,15 **** /* sqUnixSecurity.c -- directory operations for Unix * * Note: According to Ian Piumarta, the Unix VM is inherently insecure since * pluggable primitives can access all of libc! It would need * some linker magic to hide these from dlsym(). ! * * A workaround would be to disallow lookups via dlsym() when * fileaccess is disallowed - internal plugins should still work ... - * - * Author: Bert Freudenberg (heavily based on Andreas Raab's sqWin32Security.c) */ #include "sq.h" #include <sys/param.h> --- 1,19 ---- /* sqUnixSecurity.c -- directory operations for Unix * + * Author: Bert Freudenberg (heavily based on Andreas Raab's sqWin32Security.c) + * + * Last edited: 2002-10-26 14:43:23 by piumarta on emilia.inria.fr + * * Note: According to Ian Piumarta, the Unix VM is inherently insecure since * pluggable primitives can access all of libc! It would need * some linker magic to hide these from dlsym(). ! * * A workaround would be to disallow lookups via dlsym() when * fileaccess is disallowed - internal plugins should still work ... */ #include "sq.h" + #include "SecurityPlugin.h" + #include <sys/param.h> *************** *** 179,183 **** ! int ioCanListenOnPort(void* s, int port) { return allowSocketAccess; --- 183,187 ---- ! int ioCanListenOnPort(int s, int port) { return allowSocketAccess; *************** *** 203,206 **** --- 207,212 ---- char *ioGetSecureUserDirectory(void) { + if (secureUserDirectory[0] == '\0') + return (char *)success(false); return secureUserDirectory; } |
