Secure promiscuous mode for posix semaphores
Adjusts the permissions of posix semaphores when promiscuous mode is enabled. Note that changing permissions of semaphores is only supported on linux by using the /dev/shm filesystem. As of now, linux does not use posix semaphores anymore so this code is currently unsed.
This commit is contained in:
parent
5d89eba8c7
commit
d4f925c2ea
|
@ -24,10 +24,22 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
|||
#include <fcntl.h>
|
||||
#include <stdio.h>
|
||||
#include <sys/time.h>
|
||||
#ifdef __linux__
|
||||
#include "promiscuous.h"
|
||||
#endif
|
||||
|
||||
namespace Jack
|
||||
{
|
||||
|
||||
JackPosixSemaphore::JackPosixSemaphore() : JackSynchro(), fSemaphore(NULL)
|
||||
{
|
||||
const char* promiscuous = getenv("JACK_PROMISCUOUS_SERVER");
|
||||
fPromiscuous = (promiscuous != NULL);
|
||||
#ifdef __linux__
|
||||
fPromiscuousGid = jack_group2gid(promiscuous);
|
||||
#endif
|
||||
}
|
||||
|
||||
void JackPosixSemaphore::BuildName(const char* client_name, const char* server_name, char* res, int size)
|
||||
{
|
||||
char ext_client_name[SYNC_MAX_NAME_SIZE + 1];
|
||||
|
@ -35,7 +47,7 @@ void JackPosixSemaphore::BuildName(const char* client_name, const char* server_n
|
|||
#if __APPLE__ // POSIX semaphore names are limited to 32 characters...
|
||||
snprintf(res, 32, "js_%s", ext_client_name);
|
||||
#else
|
||||
if (getenv("JACK_PROMISCUOUS_SERVER")) {
|
||||
if (fPromiscuous) {
|
||||
snprintf(res, size, "jack_sem.%s_%s", server_name, ext_client_name);
|
||||
} else {
|
||||
snprintf(res, size, "jack_sem.%d_%s_%s", JackTools::GetUID(), server_name, ext_client_name);
|
||||
|
@ -147,6 +159,14 @@ bool JackPosixSemaphore::Allocate(const char* name, const char* server_name, int
|
|||
jack_error("Allocate: can't check in named semaphore name = %s err = %s", fName, strerror(errno));
|
||||
return false;
|
||||
} else {
|
||||
#ifdef __linux__
|
||||
if (fPromiscuous) {
|
||||
char sempath[SYNC_MAX_NAME_SIZE+13];
|
||||
snprintf(sempath, sizeof(sempath), "/dev/shm/sem.%s", fName);
|
||||
if (jack_promiscuous_perms(-1, sempath, fPromiscuousGid) < 0)
|
||||
return false;
|
||||
}
|
||||
#endif
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -39,6 +39,10 @@ class SERVER_EXPORT JackPosixSemaphore : public detail::JackSynchro
|
|||
private:
|
||||
|
||||
sem_t* fSemaphore;
|
||||
bool fPromiscuous;
|
||||
#ifdef __linux__
|
||||
int fPromiscuousGid;
|
||||
#endif
|
||||
|
||||
protected:
|
||||
|
||||
|
@ -46,8 +50,7 @@ class SERVER_EXPORT JackPosixSemaphore : public detail::JackSynchro
|
|||
|
||||
public:
|
||||
|
||||
JackPosixSemaphore():JackSynchro(), fSemaphore(NULL)
|
||||
{}
|
||||
JackPosixSemaphore();
|
||||
|
||||
bool Signal();
|
||||
bool SignalAll();
|
||||
|
|
Loading…
Reference in New Issue