Re: [Umbrella-devel] Re: Getting full path from dentry in LSM hooks

From: Kristian SÃrensen
Date: Fri Sep 03 2004 - 15:24:05 EST

Next message: john stultz: "Re: [RFC] New Time of day proposal (updated 9/2/04)"
Previous message: Steffen Zieger: "Re: Codemercs IO-Warrior support"
In reply to: Alan Cox: "Re: Getting full path from dentry in LSM hooks"
Next in thread: Valdis . Kletnieks: "Re: [Umbrella-devel] Re: Getting full path from dentry in LSM hooks"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Alan Cox wrote:

On Gwe, 2004-09-03 at 13:12, Kristian SÃrensen wrote:

I have a short question, concerning how to get the full path of a file from a LSM hook.

The full path or a full path. It may have several. They may also have
changed under you.

Can some one reveal the trick to get the full path nomater if the filesystem is root or mounted elsewhere in the filesystem?

You can get the namespace and the name within that namespace that
represents at least one of the names of the file within the vfs layer
(this is what the VFS itself uses for the struct nameidata).

There may be multiple links to a file, it may be mounted in multiple
places and someone on a seperate NFS server may have moved it while you
are thinking about it.

Umbrella is mostly designed for embedded systems (where selinux is overkill) and also it is very easy to understand. Most restrictions will be made to e.g. stop viruses from spreading, and it is quite easy, yet very effective:

If an email client receives an malformed email (like the countless attacks on outlook), a simple restriction could be for the process handeling the mail would be "$HOME/.addressbook", furthermore, you could specify that attachments executed _from_ the emailprogram would not have access to the network. Thus the virus cannot find mail addresses to send itself to - and it cannot even get network access. Simple and effective.

Also simple bufferoverflows in suid-root programs may be avoided. The simple way would to set the restriction "no fork", and thus if an attacker tries to fork a (root) shell, this would be denied. Another way could be to heavily restrict access to the filesystem. If the program is restricted from /var, the root shell spawned by the attack would not have access either. (restrictions are enherited from parent to children).

Best regards, Kristian.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: john stultz: "Re: [RFC] New Time of day proposal (updated 9/2/04)"
Previous message: Steffen Zieger: "Re: Codemercs IO-Warrior support"
In reply to: Alan Cox: "Re: Getting full path from dentry in LSM hooks"
Next in thread: Valdis . Kletnieks: "Re: [Umbrella-devel] Re: Getting full path from dentry in LSM hooks"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]