From fd125947c9db0b33761414e65e919f73d9bf1815 Mon Sep 17 00:00:00 2001 From: Chuyan Zhang Date: Thu, 30 Nov 2023 12:01:11 -0800 Subject: Refactor workspace --- ayafs/src/utils/permissions.rs | 62 ------------------------------------------ 1 file changed, 62 deletions(-) delete mode 100644 ayafs/src/utils/permissions.rs (limited to 'ayafs/src/utils/permissions.rs') diff --git a/ayafs/src/utils/permissions.rs b/ayafs/src/utils/permissions.rs deleted file mode 100644 index 6773511..0000000 --- a/ayafs/src/utils/permissions.rs +++ /dev/null @@ -1,62 +0,0 @@ -use crate::disk::inode::InodeMode; -use libc::{F_OK, S_ISGID, S_ISUID, S_IXGRP, X_OK}; -use std::fs::File; -use std::io::BufRead; - -pub(crate) fn get_groups(pid: u32) -> Vec { - let file = File::open(format!("/proc/{pid}/task/{pid}/status")) - .expect(format!("pid {pid} incorrect!").as_str()); - for line in std::io::BufReader::new(file).lines() { - let line = line.unwrap(); - if line.starts_with("Groups:") { - return line["Groups: ".len()..] - .split(' ') - .filter(|x| !x.trim().is_empty()) - .map(|x| x.parse::().unwrap()) - .collect(); - } - } - - Vec::new() -} - -pub(crate) fn clear_suid_sgid(mut mode: InodeMode) -> InodeMode { - mode.0 &= !S_ISUID as u16; - if mode.0 & S_IXGRP as u16 != 0 { - mode.0 &= !S_ISGID as u16; - } - mode -} - -pub(crate) fn check_access( - incoming_uid: u32, - incoming_gid: u32, - uid: u32, - gid: u32, - mode: InodeMode, - mut mask: i32, -) -> bool { - if mask == F_OK { - return true; - } - - let perm = i32::from(mode.0); - // root - if incoming_uid == 0 { - // 读写任何东西都是可以的, 执行只有 IXOTH/IXGRP/IXUSR 之一设置才可以 - mask &= X_OK; - mask -= mask & (perm >> 6); - mask -= mask & (perm >> 3); - mask -= mask & perm; - return mask == 0; - } - - if incoming_uid == uid { - mask -= mask & (perm >> 6); - } else if incoming_gid == gid { - mask -= mask & (perm >> 3); - } else { - mask -= mask & perm; - } - mask == 0 -} -- cgit v1.2.3-70-g09d2