mirror of
https://github.com/SerenityOS/serenity
synced 2024-11-05 17:46:52 +00:00
d4b65f644e
From now on, we don't allow jailed processes to open all device nodes in /dev, but only allow jailed processes to open /dev/full, /dev/zero, /dev/null, and various TTY and PTY devices (and not including virtual consoles) so we basically restrict applications to what they can do when they are in jail. The motivation for this type of restriction is to ensure that even if a remote code execution occurred, the damage that can be done is very small. We also don't restrict reading and writing on device nodes that were already opened, because that limit seems not useful, especially in the case where we do want to provide an OpenFileDescription to such device but nothing further than that.
36 lines
1 KiB
C++
36 lines
1 KiB
C++
/*
|
|
* Copyright (c) 2018-2020, Andreas Kling <kling@serenityos.org>
|
|
*
|
|
* SPDX-License-Identifier: BSD-2-Clause
|
|
*/
|
|
|
|
#pragma once
|
|
|
|
#include <Kernel/Devices/CharacterDevice.h>
|
|
|
|
namespace Kernel {
|
|
|
|
class NullDevice final : public CharacterDevice {
|
|
friend class DeviceManagement;
|
|
|
|
public:
|
|
virtual ~NullDevice() override;
|
|
|
|
static NonnullLockRefPtr<NullDevice> must_initialize();
|
|
|
|
private:
|
|
NullDevice();
|
|
|
|
// ^Device
|
|
virtual bool is_openable_by_jailed_processes() const override { return true; }
|
|
|
|
// ^CharacterDevice
|
|
virtual ErrorOr<size_t> read(OpenFileDescription&, u64, UserOrKernelBuffer&, size_t) override;
|
|
virtual ErrorOr<size_t> write(OpenFileDescription&, u64, UserOrKernelBuffer const&, size_t) override;
|
|
virtual bool can_write(OpenFileDescription const&, u64) const override { return true; }
|
|
virtual bool can_read(OpenFileDescription const&, u64) const override;
|
|
virtual StringView class_name() const override { return "NullDevice"sv; }
|
|
virtual bool is_seekable() const override { return true; }
|
|
};
|
|
|
|
}
|