COMPILATION LISTING OF SEGMENT mrds_dsm_determine_auth_sec Compiled by: Multics PL/I Compiler, Release 28e, of February 14, 1985 Compiled at: Honeywell Multics Op. - System M Compiled on: 04/18/85 1018.7 mst Thu Options: optimize map 1 /* *********************************************************** 2* * * 3* * * 4* * Copyright, (C) Honeywell Information Systems Inc., 1981 * 5* * * 6* * * 7* *********************************************************** */ 8 9 mrds_dsm_determine_auth_sec: proc (db_path, dsm_dirname, dsm_entryname) returns (bit (1) unal); 10 11 /* 12* This module determines the security state of the database and the 13* authorization to that database for the caller. It returns the 14* value true ("1"b) if either the database is in an unsecure state 15* or the database is in a secure state and the caller is a DBA for 16* that database, for any other condition it returns false ("0"b). 17* If for some reason the database cannot be opened or its security 18* state cannot be determined the database will be assumed to be in 19* a secure state an a warning will be sent via sub_err_ that this 20* assumption is being made. If the caller's authorization cannot be 21* determined it will be assumed to be that of a normal user (as 22* opposed to a DBA) and again a warning will be sent via sub_err_ 23* that this assuption is being made. Old version databases will 24* always have the value true returned. 25* 26* where: 27* 28* db_path: (input) char (*) relative or absolute path to the 29* . database 30* dsm_dirname: (input) char (*) absolute path to the submodel's 31* . containing directory 32* dsm_entryname: (input) char (*) entry name of the submodel - must 33* . include the dsm suffix. 34* return_value: (output) bit (1) unal true if the database is not 35* . secure or the database is secure and the caller is a DBA else 36* . false. 37* 38* Known Bugs: 39* 40* Other problems: 41* 42* HISTORY: 43* 44* 81-04-27 Davids: originally coded; 45* 83-01-24 Roger Lackey : Changed the length of SECURE_DATABASE_MESSAGE 46* and NOT_ADMINISTRATOR_MESSAGE to accommodate long 47* directory pathnames in error messages. 48* Also added undefine variables. 49* 50* 83-09-28 Paul Benjamin: Backed out change of 83-01-24 as meaningless. 51**/ 52 53 /* PARAMETERS */ 54 55 dcl db_path char (*); /* (input) absolute or relative path to the database */ 56 dcl dsm_dirname char (*); /* (input) absolute path to the submodel's containing directory */ 57 dcl dsm_entryname char (*); /* (input) entry name of the submodel 58* - must conatin the dsm suffix */ 59 60 /* AUTOMATIC */ 61 62 dcl db_ptr ptr init (null ());/* pointer to the database's data model */ 63 dcl internal_error fixed bin (35); /* standard error code */ 64 dcl local_area area (50); /* area for small allocations */ 65 66 /* BUILTINS */ 67 68 dcl addr builtin; 69 dcl empty builtin; 70 dcl null builtin; 71 72 73 /* CONDITIONS */ 74 75 dcl cleanup condition; 76 77 /* CONSTANT */ 78 79 dcl SECURE_DATABASE_MESSAGE char (150) internal static options (constant) 80 init ("^/ASSUMING DATABASE IS SECURE^/Could not open the database ^a^/refered to by ^a>^a"); 81 dcl NOT_ADMINISTRATOR_MESSAGE char (150) internal static options (constant) 82 init ("^/ASSUMING YOU ARE NOT A DATABASE ADMINISTRATOR^/Could not " || 83 "determine your authorization to the database ^a^/refered to by ^a>^a"); 84 85 /* EXTERNAL */ 86 87 dcl mrds_error_$version_not_supported fixed bin (35) external static; 88 89 /* ENTRIES */ 90 91 dcl mrds_dm_authorization$get_user_class entry (char (*), ptr, fixed bin, ptr, fixed bin (35)); 92 dcl mrds_dm_close entry (ptr, fixed bin (35)); 93 dcl mrds_dm_open entry (char (168), fixed bin, ptr, fixed bin (35)); 94 dcl mrds_dm_db_secured$get_secured_status entry (ptr, ptr, fixed bin, ptr, fixed bin (35)); 95 1 1 /* BEGIN INCLUDE FILE mrds_authorization.incl.pl1 - - 81-01-20 Jim Gray */ 1 2 1 3 /* HISTORY: 1 4* 1 5* 81-01-20 Jim Gray : original created for the mmi_$get_authorization interface 1 6* 1 7**/ 1 8 1 9 /* DESCRIPTION: 1 10* 1 11* this structure returns the callers user_class 1 12* either database administrator or normal user. 1 13* Note that these separate classes were used to allow 1 14* future expansion to the user classes, rather than 1 15* make them logical "not"'s of one another. 1 16* NOTE: a DBA is always also a normal user, thus if the caller 1 17* is a DBA, his normal_user bit will be on also. 1 18* 1 19**/ 1 20 1 21 1 22 declare 1 mrds_authorization aligned based (mrds_authorization_ptr), 1 23 2 version fixed bin, /* version number of this structure */ 1 24 2 administrator bit (1) unal, /* caller is a DBA */ 1 25 2 normal_user bit (1) unal, /* caller has no special priviledges */ 1 26 2 mbz bit (34) unal ; 1 27 1 28 1 29 declare mrds_authorization_ptr ptr ; /* pointer for referring to the structure */ 1 30 1 31 declare mrds_authorization_structure_version fixed bin init (1) int static options (constant) ; 1 32 1 33 /* END INCLUDE FILE mrds_authorization.incl.pl1 */ 96 97 2 1 /* BEGIN INCLUDE FILE mrds_database_state.incl.pl1 - - 81-01-20 Jim Gray */ 2 2 2 3 /* HISTORY: 2 4* 2 5* 81-01-20 Jim Gray : original created for the mmi_$get_secured_status interface 2 6* 2 7**/ 2 8 2 9 /* DESCRIPTION: 2 10* 2 11* This structure returns the database state (secured or unsecured) 2 12* for determining how commands and subroutines will behave for each case. 2 13* The secured bit was kept separate from the unsecured, 2 14* rather than it's logical "not", to allow for future extensibility 2 15* of database secured states. 2 16* 2 17**/ 2 18 2 19 2 20 declare 1 database_state aligned based (database_state_ptr), 2 21 2 version fixed bin, /* version number of this structure */ 2 22 2 unsecured bit (1) unal, /* database not secured */ 2 23 2 secured bit (1) unal, /* database has been secured */ 2 24 2 mbz bit (34) unal ; 2 25 2 26 2 27 declare database_state_ptr ptr ; /* pointer for referring to the structure */ 2 28 2 29 declare database_state_structure_version fixed bin init (1) int static options (constant) ; 2 30 2 31 /* END INCLUDE FILE mrds_database_state.incl.pl1 */ 98 99 100 on cleanup 101 begin; 102 if db_ptr ^= null () 103 then call mrds_dm_close (db_ptr, internal_error); 104 end; 105 106 /* 107* Open the database to determine its securitry state. If the 108* database cannot be opened no information about the database 109* version or security state of the database can be obtained so for 110* security reasons it must be assummed that the database is in a 111* secure state. A message indicating this assumption is set to the 112* user. 113* */ 114 115 call mrds_dm_open ((db_path), 2, db_ptr, internal_error); 116 if internal_error ^= 0 117 then do; 118 call report_error (internal_error, SECURE_DATABASE_MESSAGE, 119 db_path, dsm_dirname, dsm_entryname); 120 allocate database_state in (local_area) set (database_state_ptr); 121 database_state.secured = "1"b; 122 end; 123 else do; 124 125 /* 126* With the database successfully open a check may be made on its 127* security state. If the error mrds_error_$version_not_supported is 128* returned it means that the database is a version that does not 129* have a security attribute, the database will be flaged (in 130* database_state.secured) as unsecured. If any other error is 131* returned it is assumed that the database has a security attribute 132* but its value could not be determined. The database will be 133* flaged as secure and a message about the assumption will be sent 134* to the user. 135**/ 136 137 call mrds_dm_db_secured$get_secured_status (db_ptr, addr (local_area), 138 database_state_structure_version, database_state_ptr, internal_error); 139 if internal_error ^= 0 140 then do; 141 allocate database_state in (local_area) set (database_state_ptr); 142 if internal_error = mrds_error_$version_not_supported 143 then database_state.secured = "0"b; 144 else do; 145 call report_error (internal_error, SECURE_DATABASE_MESSAGE, 146 db_path, dsm_dirname, dsm_entryname); 147 database_state.secured = "1"b; 148 end; 149 end; 150 call mrds_dm_close (db_ptr, internal_error); /* no reason to keep the db open */ 151 end; 152 153 /* 154* If the error returned by get_user_clase is 155* mrds_error_$version_not_supported it means that the database does 156* have use the DBA concept. For these databases all users have the 157* functionality of a DBA and an authorization of administrator will 158* be set. For any other error it will be asummed that the database 159* does use the DBA concept but that the authorization of the caller 160* cannot be determined, for security reasons it must be assummed 161* that the caller is not an administrator. A warning about this 162* assumption will be sent to the user. 163**/ 164 165 call mrds_dm_authorization$get_user_class (db_path, addr (local_area), 166 mrds_authorization_structure_version, mrds_authorization_ptr, internal_error); 167 if internal_error ^= 0 168 then do; 169 allocate mrds_authorization in (local_area) set (mrds_authorization_ptr); 170 if internal_error = mrds_error_$version_not_supported 171 then mrds_authorization.administrator = "1"b; 172 else do; 173 call report_error (internal_error, NOT_ADMINISTRATOR_MESSAGE, 174 db_path, dsm_dirname, dsm_entryname); 175 mrds_authorization.administrator = "0"b; 176 end; 177 end; 178 179 return (^database_state.secured | (database_state.secured & mrds_authorization.administrator)); 180 181 report_error: proc (icode, message, arg1, arg2, arg3); 182 183 /* 184* This routine is used to report errors via the sub_err_ condition. 185* sub_err_ is called with the continue switch set so that after the 186* sub_err_ condition has been acted on by the system and the 187* message is printed control is returned to the entry which called 188* report_error. All this assumes that the user has not set up his 189* own sub_err_ handler - if he has he can return control to this 190* module or not as well as printing the message or not. 191**/ 192 193 194 /* PARAMETERS */ 195 196 dcl icode fixed bin (35); /* (input) error code */ 197 dcl message char (*); /* (input) error message */ 198 dcl arg1 char (*); /* (input) first argument to the error message */ 199 dcl arg2 char (*); /* (input) second argument to the error message */ 200 dcl arg3 char (*); /* (input) third argument to the error message */ 201 202 /* AUTOMATIC */ 203 204 dcl retval fixed bin (35); /* not used but needed as a parameter by sub_err_ */ 205 206 /* ENTRIES */ 207 208 dcl sub_err_ entry options (variable); 209 210 211 212 213 call sub_err_ (icode, "mrds_dsm_determine_auth_sec", "c", null (), retval, message, arg1, arg2, arg3); 214 215 return; 216 217 end; /* report_error */ 218 219 end; /* determine_security_authorization */ 220 SOURCE FILES USED IN THIS COMPILATION. LINE NUMBER DATE MODIFIED NAME PATHNAME 0 04/18/85 0906.7 mrds_dsm_determine_auth_sec.pl1 >special_ldd>online>mrds.pbf-04/18/85>mrds_dsm_determine_auth_sec.pl1 96 1 10/14/83 1608.8 mrds_authorization.incl.pl1 >ldd>include>mrds_authorization.incl.pl1 98 2 10/14/83 1608.8 mrds_database_state.incl.pl1 >ldd>include>mrds_database_state.incl.pl1 NAMES DECLARED IN THIS COMPILATION. IDENTIFIER OFFSET LOC STORAGE CLASS DATA TYPE ATTRIBUTES AND REFERENCES (* indicates a set context) NAMES DECLARED BY DECLARE STATEMENT. NOT_ADMINISTRATOR_MESSAGE 000000 constant char(150) initial unaligned dcl 81 set ref 173* SECURE_DATABASE_MESSAGE 000046 constant char(150) initial unaligned dcl 79 set ref 118* 145* addr builtin function dcl 68 ref 137 137 165 165 administrator 1 based bit(1) level 2 packed unaligned dcl 1-22 set ref 170* 175* 179 arg1 parameter char unaligned dcl 198 set ref 181 213* arg2 parameter char unaligned dcl 199 set ref 181 213* arg3 parameter char unaligned dcl 200 set ref 181 213* cleanup 000166 stack reference condition dcl 75 ref 100 database_state based structure level 1 dcl 2-20 set ref 120 141 database_state_ptr 000176 automatic pointer dcl 2-27 set ref 120* 121 137* 141* 142 147 179 179 database_state_structure_version 000123 constant fixed bin(17,0) initial dcl 2-29 set ref 137* db_path parameter char unaligned dcl 55 set ref 9 115 118* 145* 165* 173* db_ptr 000100 automatic pointer initial dcl 62 set ref 62* 102 102* 115* 137* 150* dsm_dirname parameter char unaligned dcl 56 set ref 9 118* 145* 173* dsm_entryname parameter char unaligned dcl 57 set ref 9 118* 145* 173* empty builtin function dcl 69 ref 64 icode parameter fixed bin(35,0) dcl 196 set ref 181 213* internal_error 000102 automatic fixed bin(35,0) dcl 63 set ref 102* 115* 116 118* 137* 139 142 145* 150* 165* 167 170 173* local_area 000104 automatic area(50) dcl 64 set ref 64* 120 137 137 141 165 165 169 message parameter char unaligned dcl 197 set ref 181 213* mrds_authorization based structure level 1 dcl 1-22 set ref 169 mrds_authorization_ptr 000174 automatic pointer dcl 1-29 set ref 165* 169* 170 175 179 mrds_authorization_structure_version 000123 constant fixed bin(17,0) initial dcl 1-31 set ref 165* mrds_dm_authorization$get_user_class 000012 constant entry external dcl 91 ref 165 mrds_dm_close 000014 constant entry external dcl 92 ref 102 150 mrds_dm_db_secured$get_secured_status 000020 constant entry external dcl 94 ref 137 mrds_dm_open 000016 constant entry external dcl 93 ref 115 mrds_error_$version_not_supported 000010 external static fixed bin(35,0) dcl 87 ref 142 170 null builtin function dcl 70 ref 62 102 213 213 retval 000206 automatic fixed bin(35,0) dcl 204 set ref 213* secured 1(01) based bit(1) level 2 packed unaligned dcl 2-20 set ref 121* 142* 147* 179 179 sub_err_ 000022 constant entry external dcl 208 ref 213 NAMES DECLARED BY EXPLICIT CONTEXT. mrds_dsm_determine_auth_sec 000146 constant entry external dcl 9 report_error 000564 constant entry internal dcl 181 ref 118 145 173 THERE WERE NO NAMES DECLARED BY CONTEXT OR IMPLICATION. STORAGE REQUIREMENTS FOR THIS PROGRAM. Object Text Link Symbol Defs Static Start 0 0 1030 1054 700 1040 Length 1302 700 24 212 130 0 BLOCK NAME STACK SIZE TYPE WHY NONQUICK/WHO SHARES STACK FRAME mrds_dsm_determine_auth_sec 246 external procedure is an external procedure. on unit on line 100 70 on unit report_error internal procedure shares stack frame of external procedure mrds_dsm_determine_auth_sec. STORAGE FOR AUTOMATIC VARIABLES. STACK FRAME LOC IDENTIFIER BLOCK NAME mrds_dsm_determine_auth_sec 000100 db_ptr mrds_dsm_determine_auth_sec 000102 internal_error mrds_dsm_determine_auth_sec 000104 local_area mrds_dsm_determine_auth_sec 000174 mrds_authorization_ptr mrds_dsm_determine_auth_sec 000176 database_state_ptr mrds_dsm_determine_auth_sec 000206 retval report_error THE FOLLOWING EXTERNAL OPERATORS ARE USED BY THIS PROGRAM. call_ext_out_desc call_ext_out return enable ext_entry_desc int_entry alloc_based empty THE FOLLOWING EXTERNAL ENTRIES ARE CALLED BY THIS PROGRAM. mrds_dm_authorization$get_user_class mrds_dm_close mrds_dm_db_secured$get_secured_status mrds_dm_open sub_err_ THE FOLLOWING EXTERNAL VARIABLES ARE USED BY THIS PROGRAM. mrds_error_$version_not_supported LINE LOC LINE LOC LINE LOC LINE LOC LINE LOC LINE LOC LINE LOC 9 000141 62 000173 64 000175 100 000200 102 000214 104 000231 115 000232 116 000257 118 000261 120 000313 121 000320 122 000322 137 000323 139 000344 141 000346 142 000353 145 000362 147 000414 150 000417 165 000430 167 000464 169 000466 170 000473 173 000502 175 000534 179 000537 181 000564 213 000614 215 000675 ----------------------------------------------------------- Historical Background This edition of the Multics software materials and documentation is provided and donated to Massachusetts Institute of Technology by Group BULL including BULL HN Information Systems Inc. as a contribution to computer science knowledge. This donation is made also to give evidence of the common contributions of Massachusetts Institute of Technology, Bell Laboratories, General Electric, Honeywell Information Systems Inc., Honeywell BULL Inc., Groupe BULL and BULL HN Information Systems Inc. to the development of this operating system. Multics development was initiated by Massachusetts Institute of Technology Project MAC (1963-1970), renamed the MIT Laboratory for Computer Science and Artificial Intelligence in the mid 1970s, under the leadership of Professor Fernando Jose Corbato. Users consider that Multics provided the best software architecture for managing computer hardware properly and for executing programs. Many subsequent operating systems incorporated Multics principles. Multics was distributed in 1975 to 2000 by Group Bull in Europe , and in the U.S. by Bull HN Information Systems Inc., as successor in interest by change in name only to Honeywell Bull Inc. and Honeywell Information Systems Inc. . ----------------------------------------------------------- Permission to use, copy, modify, and distribute these programs and their documentation for any purpose and without fee is hereby granted,provided that the below copyright notice and historical background appear in all copies and that both the copyright notice and historical background and this permission notice appear in supporting documentation, and that the names of MIT, HIS, BULL or BULL HN not be used in advertising or publicity pertaining to distribution of the programs without specific prior written permission. Copyright 1972 by Massachusetts Institute of Technology and Honeywell Information Systems Inc. Copyright 2006 by BULL HN Information Systems Inc. Copyright 2006 by Bull SAS All Rights Reserved