zapekl. problem a +i file
Peter Kundrat
kundrat na napri.sk
Čtvrtek Listopad 28 23:40:14 CET 1996
Jakub Jelinek writes:
> Alespon kdyz jsem se do ext2fs koukal naposledy, tak dovolilo rootovi menit
> chattr kdykoli.
Z linux-2.0.18/fs/ext2/ioctl.c:ext_ioctl(..., EXT2_IOC_SETFLAGS, ..)
/*
* The IMMUTABLE and APPEND_ONLY flags can only be changed by
* the super user when the security level is zero.
*/
if ((flags & (EXT2_APPEND_FL | EXT2_IMMUTABLE_FL)) ^
(inode->u.ext2_i.i_flags &
(EXT2_APPEND_FL | EXT2_IMMUTABLE_FL))) {
/* This test looks nicer. Thanks to Pauline Middelink */ if (!fsuser() || securelevel > 0)
return -EPERM;
> No, a jelikoz neexistuje lockovani raw devicu, tak je
> vsechno stejne na nic... Viz napr. FIBMAP nebo e2fstools,
> clovek si zjisti velice jednoduse, kde dana vec lezi, no a uz to tam masti...
> Ono by to chtelo i dalsi veci, napr. securelevel zavisly ptrace syscall (aby
> nikdo nemohl attachnout gdb k procesu, ke kteremu to neni chtene, atd.)
Snad si na to neikto najde cas ..
pk
Další informace o konferenci Linux