[Systrace] link() policies with multiple filenames possible?
Niels Provos
provos at citi.umich.edu
Sat Nov 6 14:41:00 EST 2004
On Sat, Nov 06, 2004 at 03:47:30PM +0100, Nikolay Sturm wrote:
> link() has two degrees of freedom: target file and link name. How do I
> differentiate these in a systrace policy?
Pretty easy. Do the following:
$ systrace -d /tmp/ -A ln /tmp/a /tmp/b
$ cat /tmp/ln
Policy: /bin/ln, Emulation: native
native-__sysctl: permit
native-fsread: filename eq "/etc/malloc.conf" then permit
native-issetugid: permit
native-mmap: permit
native-getrlimit: permit
native-mprotect: permit
native-fsread: filename eq "/tmp/a" then permit
native-fsread: filename eq "/tmp/b" then permit
native-link: filename eq "/tmp/a" and filename[1] eq "/tmp/b" then permit
native-munmap: permit
native-exit: permit
The same kind of indexing works for all system calls that have
similar arguments. Although it actually depends on the translators:
some system calls might not have the right translators implemented for
them.
Hope this helps,
Niels.
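To make the indexing concrete, here is an added example (not part of the mail or of systrace itself): a small Python evaluator for policy lines of the shape shown above. It assumes a simplified grammar (only `eq` and `match`, predicates joined by `and`, actions `permit`/`deny`) and models the translated arguments of a call as a dict mapping a translator name such as `filename` to the list of its values, so `filename` is index 0 and `filename[1]` is index 1.

```python
import fnmatch
import re

# Simplified systrace policy grammar (assumption: real systrace supports more
# operators, argument translators and actions than are modelled here).
RULE_RE = re.compile(
    r'^(?P<emul>\w+)-(?P<call>\w+):\s*(?:(?P<cond>.+?)\s+then\s+)?(?P<action>permit|deny)$')
PRED_RE = re.compile(
    r'^(?P<name>\w+)(?:\[(?P<idx>\d+)\])?\s+(?P<op>eq|match)\s+"(?P<val>[^"]*)"$')


def parse_rule(line):
    """Parse one policy line into (syscall, [(name, index, op, value)], action)."""
    m = RULE_RE.match(line.strip())
    if not m:
        raise ValueError("unparsable policy line: %r" % line)
    preds = []
    if m.group("cond"):
        for part in m.group("cond").split(" and "):
            pm = PRED_RE.match(part.strip())
            if not pm:
                raise ValueError("unparsable predicate: %r" % part)
            # A bare "filename" means the first filename argument, i.e. filename[0].
            preds.append((pm.group("name"), int(pm.group("idx") or 0),
                          pm.group("op"), pm.group("val")))
    return "%s-%s" % (m.group("emul"), m.group("call")), preds, m.group("action")


def pred_holds(pred, args):
    """Check one predicate against the translated arguments of a call."""
    name, idx, op, val = pred
    values = args.get(name, [])
    if idx >= len(values):  # the call has no such argument: predicate fails
        return False
    return values[idx] == val if op == "eq" else fnmatch.fnmatchcase(values[idx], val)


def decide(policy_lines, syscall, args):
    """First matching rule wins; with no match interactive systrace would prompt."""
    for line in policy_lines:
        if not line.strip() or line.startswith("Policy:"):
            continue  # header line, not a rule
        call, preds, action = parse_rule(line)
        if call == syscall and all(pred_holds(p, args) for p in preds):
            return action
    return "ask"


# Constructed policy: the link() rule from the mail plus one deny rule.
POLICY = [
    'Policy: /bin/ln, Emulation: native',
    'native-fsread: filename eq "/tmp/a" then permit',
    'native-link: filename eq "/tmp/a" and filename[1] eq "/tmp/b" then permit',
    'native-link: filename[1] match "/etc/*" then deny',
]
```

With `ln /tmp/a /tmp/b` the target is `filename` (index 0) and the link name is `filename[1]`; swapping the two does not satisfy the permit rule, which is exactly the distinction the original question asks about.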