'[lids-user] Re: [Lids-devel] LIDS_APPEND Flag used for lids_check_base function'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       lids-user
Subject:    [lids-user] Re: [Lids-devel] LIDS_APPEND Flag used for lids_check_base function
From:       Yusuf Wilajati Purna <ywpurna () users ! sourceforge ! net>
Date:       2004-08-18 16:07:22
Message-ID: 41237EBA.4050706 () users ! sourceforge ! net
[Download RAW message or body]

Hi,

Hariharan Jayaraman wrote:
> Hi All,
>        While studying the LIDS patch I noticed that LIDS_APPEND flag has
> been used with the dentry of filename passed, what i understood so far
> is that lids_check_base is checking if the directory under which the
> program exists is protected or not, which i also verified by actually
> applying CAP checks on a program located in an unprotected directory.

I am happy that there are still other people reading LIDS code.
Huagang or Philippe, in fact, can explain this better, but let me try to
explain.

lids_check_base(dentry, flag) will return 0 if the current process can
access the 'dentry' with the 'flag' access mode. Otherwise, it will
return a negative value.

> But what i have not understood is the use of LIDS_APPEND file being
> used, is there a particular reason to do so. 

Thus, if I cannot APPEND anything  to the dentry, the dentry must be
protected with DENY or READONLY. This trick is used to check if the
dentry is protected or not.

> The lids patch version that i am using is lids-1.1.2rc6-2.4.20.patch.
> 

To increase the code readability, I have replaced the lids_check_base()
in do_exec() with lids_protected() in LIDS 1.2.X. If you still stick on
kernel 2.4 you had better start with LIDS 1.2.2rc2 since I will still
maintai the code.


Regards,
purna



-- 
Yusuf Wilajati Purna <ywpurna@users.sourceforge.net>
1024D/7354A078
Key fingerprint = 7F4F 8433 C65F 3502 BC93  F529 BFDE F939 7354 A078



-------------------------------------------------------
SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media
100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33
Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift.
http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285
_______________________________________________
lids-user mailing list
lids-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lids-user
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic