author | Michael Stone <michael@laptop.org> | 2009-03-11 04:36:03 (GMT) |
---|---|---|
committer | Michael Stone <michael@laptop.org> | 2009-03-11 04:36:03 (GMT) |
commit | b924bf7fb57a8984cce68d17ef3793b0752e2175 (patch) | |
tree | 5ed289f409ebe2a4e5a691eaf22c77116a28a911 /rainbow | |
parent | 53eebe8ef275d70b31a3a44de1b423b1cd3a663b (diff) |
Drop old documentation.
Diffstat (limited to 'rainbow')
-rw-r--r-- | rainbow/rainbow/inject.py | 79 |
1 files changed, 4 insertions, 75 deletions
diff --git a/rainbow/rainbow/inject.py b/rainbow/rainbow/inject.py
index 02e8609..991daa9 100644
--- a/rainbow/rainbow/inject.py
+++ b/rainbow/rainbow/inject.py
@@ -1,87 +1,16 @@ import os from os import R_OK, W_OK, X_OK, fork, symlink, unlink, O_CREAT, O_EXCL, readlink, chown, chmod -from os import setgroups, setgid, setuid, chdir, umask, execvpe, execv, waitpid, WEXITSTATUS -from os import getpid, getuid, _exit +from os import setgroups, setgid, setuid, chdir, umask, execvpe, waitpid, WEXITSTATUS +from os import getpid, getuid, _exit, rename from os.path import join, basename, realpath, lexists, islink -from subprocess import check_call +from subprocess import check_call, Popen, PIPE from stat import S_IFDIR -from tempfile import mkdtemp +from tempfile import mkdtemp, mkstemp from grp import getgrnam import resource from rainbow.util import Checker, mount, make_dirs, get_fds, read_envdir -USAGE = """ - -NAME - - rainbow-inject - -SYNOPSIS - - rainbow-inject is a security-wrapper for Sugar Activities. Its purpose is to - launch them in a low-privilege environment so that, if they are exploited, - they are able to do less harm than would be the case if they ran with the - full authority of the XO's human operator. - - This isolation is accomplished by running each activity as a separate user - from a set of users that is known, at system installation time, to have - tightly restricted access to the file-system. - - The environment that rainbow-inject creates for each activity it starts is - supposed to be controlled by an instance-specific security-record (usually - derived from a prototype record stored per-bundle) but this is not yet - implemented. Therefore, Rainbow currently offers no way to customize what - kinds of isolation it provides. - -ENVIRONMENT VARIABLES - - SUGAR_BUNDLE_PATH : MUST contain an absolute path to a bundle to launch. - - SUGAR_BUNDLE_ID : MUST contain the unique bundle-id of the bundle at - SUGAR_BUNDLE_PATH. 
- - RAINBOW_DIR : Optional; defaults to $HOME/isolation/1 - This directory is used by rainbow-inject for all its - run-time data: currently, this means uid/gid - allocation data and for storing persistent - activity-data storage - - RAINBOW_STRACE_LOG : Optional; defaults to Nothing. - If set, rainbow-inject will cause strace to write a - complete log to stdout. - - RAINBOW_CONSTANT_UID : Optional; defaults to Nothing. - If set, rainbow-inject will cause strace to write a - complete log to stdout. - -ARGUMENTS - - Any arguments will be exec'ed verbatim after rainbow-inject properly - configures its environment. - -FILE DESCRIPTORS - - rainbow-inject will close all open file descriptors except those marked - 'safe' by its caller. - - rainbow-inject will print trace information on descriptor 1 and may print - error messages on descriptor 2. - -RETURN CODES - - Not specified. - -""" - -# Locations of these two files come from the XAUTHORITY and ICEAUTHORITY -# environment variables which are, alas, not set yet when rainbow starts. -# So they're hard-coded here; values should match those set in -# olpc-dm (in olpc-utils package) -_AUTH_HOME='/var/tmp/olpc-auth' -_XAUTHORITY=_AUTH_HOME + '/.Xauthority' -_ICEAUTHORITY=_AUTH_HOME + '/.ICEauthority' - def strace(log, argv, env): log(1, 'applying strace') args = ['/usr/bin/strace', '-f'] |
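Review bot: The commit is titled as a documentation drop, but this hunk also removes the `_AUTH_HOME`/`_XAUTHORITY`/`_ICEAUTHORITY` constants and the `execv` import, and it adds `rename`, `Popen`, `PIPE` and `mkstemp`, none of which is used in the visible lines. Whether the rest of inject.py still refers to the removed names cannot be seen from this hunk; in a launcher that changes uid/gid, a leftover reference would surface only as a NameError at launch time, so the file should be checked for remaining uses and the import changes split into the commit that needs them. The removed USAGE text was also the only statement on this page of the wrapper's contract (the required SUGAR_BUNDLE_PATH and SUGAR_BUNDLE_ID variables, the closing of descriptors not marked safe), so I would keep a short module docstring such as `"""Launch a Sugar activity as a separate low-privilege user; environment contract: <doc location>."""`. The body of strace() continues outside the hunk.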