Created
July 31, 2010 06:33
-
-
Save Estella/501844 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /**************************************************************************************************/ | |
| /* */ | |
| /* Estella Mystagic */ | |
| /* */ | |
| /**************************************************************************************************/ | |
| // Restrict chmod syscall while in securelevel one or higher, prevent sticky,setgid,setuid. | |
| #include <sys/types.h> | |
| #include <sys/param.h> | |
| #include <sys/proc.h> | |
| #include <sys/module.h> | |
| #include <sys/sysent.h> | |
| #include <sys/kernel.h> | |
| #include <sys/systm.h> | |
| #include <sys/syscall.h> | |
| #include <sys/sysproto.h> | |
| /**************************************************************************************************/ | |
| static int albino_squirrel(struct thread *td, void *syscall_args) { | |
| struct chmod_args *uap; | |
| uap = (struct chmod_args *)syscall_args; | |
| char path[255]; | |
| size_t done; | |
| int error; | |
| error = copyinstr(uap->path, path, 255, &done); | |
| if (error != 0) | |
| return(error); | |
| if (securelevel >= 1) { | |
| if (uap->mode > 33279) { | |
| printf("BLOCKED CHMOD uid(%d) pid(%d) ppid(%d) object(%s) permissions(%o)\n", | |
| td->td_ucred->cr_uid, td->td_proc->p_pid, td->td_proc->p_pptr->p_pid, path, uap->mode); // thx bryan | |
| return (EPERM); | |
| } | |
| } | |
| return(chmod(td, syscall_args)); | |
| } | |
| /**************************************************************************************************/ | |
| static int load(struct module *module, int cmd, void *arg) { | |
| int error = 0; | |
| switch (cmd) { | |
| case MOD_LOAD: | |
| printf("albino_squirrel loaded protecting his nut (kernel) - chmod restrictions while in high securelevels\n"); | |
| sysent[SYS_chmod].sy_call = (sy_call_t *)albino_squirrel; | |
| break; | |
| case MOD_UNLOAD: | |
| printf("albino_squirrel unloaded\n"); | |
| sysent[SYS_chmod].sy_call = (sy_call_t *)chmod; | |
| break; | |
| default: | |
| error = EOPNOTSUPP; | |
| break; | |
| } | |
| return(error); | |
| } | |
| /**************************************************************************************************/ | |
| static moduledata_t chmod_hook_mod = { "albino_squirrel", load, NULL }; | |
| /**************************************************************************************************/ | |
| DECLARE_MODULE(albino_squirrel, chmod_hook_mod, SI_SUB_DRIVERS, SI_ORDER_MIDDLE); | |
| /**************************************************************************************************/ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment