From sturm at erisiandiscord.de Sat Nov 6 09:47:30 2004
From: sturm at erisiandiscord.de (Nikolay Sturm)
Date: Sat Nov 6 14:36:32 2004
Subject: [Systrace] link() policies with multiple filenames possible?
Message-ID: <20041106144730.GA2421@snafu.erisiandiscord.de>

Hi!

link() has two degrees of freedom: target file and link name. How do I
differentiate these in a systrace policy?

My goal is to make sure processes only create hardlinks in a certain
directory structure and that these do not point outside this struct. In
another rule I want to allow symlinks to point outside.

Is this possible with systrace?

Nikolay

-- 
OpenPGP: 0x2036A3A7 - 64E4 7D77 F5C0 EA47 A901 51EF 6E54 6E4F 2036 A3A7
"The XFS you see in the kernel is not SGI-XFS but the X Font Server."
    some user on misc@openbsd.org

From provos at citi.umich.edu Sat Nov 6 14:41:00 2004
From: provos at citi.umich.edu (Niels Provos)
Date: Sat Nov 6 14:41:01 2004
Subject: [Systrace] link() policies with multiple filenames possible?
In-Reply-To: <20041106144730.GA2421@snafu.erisiandiscord.de>
References: <20041106144730.GA2421@snafu.erisiandiscord.de>
Message-ID: <20041106194059.GA15331@citi.citi.umich.edu>

On Sat, Nov 06, 2004 at 03:47:30PM +0100, Nikolay Sturm wrote:
> link() has two degrees of freedom: target file and link name. How do I
> differentiate these in a systrace policy?

Pretty easy. Do the following

$ systrace -d /tmp/ -A ln /tmp/a /tmp/b
$ cat /tmp/ln
Policy: /bin/ln, Emulation: native
        native-__sysctl: permit
        native-fsread: filename eq "/etc/malloc.conf" then permit
        native-issetugid: permit
        native-mmap: permit
        native-getrlimit: permit
        native-mprotect: permit
        native-fsread: filename eq "/tmp/a" then permit
        native-fsread: filename eq "/tmp/b" then permit
        native-link: filename eq "/tmp/a" and filename[1] eq "/tmp/b" then permit
        native-munmap: permit
        native-exit: permit

The same kind of indexing works for all system calls that have similar
arguments.
Although, it actually depends on the translators, some system calls
might not have the right translators implemented for them.

Hope this helps,
 Niels.

From systrace at web.de Wed Nov 24 06:40:20 2004
From: systrace at web.de (Sven-Torsten Gigler)
Date: Wed Nov 24 18:23:15 2004
Subject: [Systrace] systrace + sshd? Please Help
Message-ID: <233753057@web.de>

Hi,

I can not use systrace for the sshd (sshd works fine without systrace).
The same test with the Client ssh works fine:

/etc/systrace/templates # systrace -A /usr/sbin/sshd -p 122
/etc/systrace/templates # systrace: intercept_get_string: ioctl: Bad address
systrace: intercept_syscall:810: intercept_filename: Bad address
/etc/systrace/templates # /usr/sbin/sshd -p 122
/etc/systrace/templates # netstat -an | grep 122
tcp 0 0 0.0.0.0:122 0.0.0.0:* LISTEN

Are there any known problems with sshd and systrace?

I use SUSE 9.0, kernel 2.4.24-systrace1.5 patched for systrace

Thank you very much.

Yours
Torsten
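
Added example (not part of the archived messages, and not systrace's own code): a small Python check over the policy format shown in Niels Provos's reply to the link() question, reporting permitted link rules that leave the target (filename) or the link name (filename[1]) unconstrained. It handles only the "and"-joined filter form shown in that reply; the WEAK rule, the abbreviated POLICY sample and all function names are constructed for illustration.

```python
import re

# Abbreviated copy of the generated policy from the reply (constructed sample).
POLICY = '''Policy: /bin/ln, Emulation: native
        native-fsread: filename eq "/tmp/a" then permit
        native-link: filename eq "/tmp/a" and filename[1] eq "/tmp/b" then permit
        native-exit: permit
'''

# Constructed rule that filters the target but not the new link name.
WEAK = 'native-link: filename eq "/tmp/a" then permit'

# Syscalls the thread shows taking two filename arguments.
TWO_PATH = {"link"}

RULE = re.compile(r'^\s*(\w+)-(\w+):\s*(.*)$')            # emulation-syscall: body
TERM = re.compile(r'(\w+)(?:\[(\d+)\])?\s+(\w+)\s+"([^"]*)"')  # filename[1] eq "..."


def parse_rule(line):
    """Return (syscall, {arg_index: (op, value)}, action), or None for non-rule lines."""
    m = RULE.match(line)
    if not m:
        return None
    call, body = m.group(2), m.group(3)
    filt, _, action = body.rpartition(" then ")
    # A bare "filename" is argument 0; "filename[1]" is argument 1.
    args = {int(idx or 0): (op, val) for _, idx, op, val in TERM.findall(filt)}
    return call, args, action.strip()


def unconstrained_args(policy_text):
    """List (syscall, arg_index) pairs that a permitted two-path rule does not filter."""
    findings = []
    for line in policy_text.splitlines():
        rule = parse_rule(line)
        if rule is None:
            continue
        call, args, action = rule
        if call in TWO_PATH and action == "permit":
            findings += [(call, i) for i in (0, 1) if i not in args]
    return findings


if __name__ == "__main__":
    print(unconstrained_args(POLICY))  # both arguments filtered
    print(unconstrained_args(WEAK))    # link name left open
```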