Re: [Umbrella-devel] Re: Getting full path from dentry in LSM hooks
From: Kristian SÃrensen
Date: Fri Sep 03 2004 - 15:24:05 EST
Alan Cox wrote:
On Gwe, 2004-09-03 at 13:12, Kristian SÃrensen wrote:
I have a short question, concerning how to get the full path of a file
from a LSM hook.
The full path or a full path. It may have several. They may also have
changed under you.
Can some one reveal the trick to get the full path nomater if the
filesystem is root or mounted elsewhere in the filesystem?
You can get the namespace and the name within that namespace that
represents at least one of the names of the file within the vfs layer
(this is what the VFS itself uses for the struct nameidata).
There may be multiple links to a file, it may be mounted in multiple
places and someone on a seperate NFS server may have moved it while you
are thinking about it.
Umbrella is mostly designed for embedded systems (where selinux is
overkill) and also it is very easy to understand. Most restrictions will
be made to e.g. stop viruses from spreading, and it is quite easy, yet
very effective:
If an email client receives an malformed email (like the countless
attacks on outlook), a simple restriction could be for the process
handeling the mail would be "$HOME/.addressbook", furthermore, you could
specify that attachments executed _from_ the emailprogram would not have
access to the network. Thus the virus cannot find mail addresses to send
itself to - and it cannot even get network access. Simple and effective.
Also simple bufferoverflows in suid-root programs may be avoided. The
simple way would to set the restriction "no fork", and thus if an
attacker tries to fork a (root) shell, this would be denied. Another way
could be to heavily restrict access to the filesystem. If the program is
restricted from /var, the root shell spawned by the attack would not
have access either. (restrictions are enherited from parent to children).
Best regards, Kristian.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/