Re: [Umbrella-devel] Re: Getting full path from dentry in LSM hooks

["Kristian Sørensen" <ks@cs.aau.dk>]

Alan Cox wrote:
> On Gwe, 2004-09-03 at 13:12, Kristian Sørensen wrote:
> 
>>I have a short question, concerning how to get the full path of a file 
>>from a LSM hook.
> 
> 
> The full path or a full path. It may have several. They may also have
> changed under you. 
> 
> 
>>Can some one reveal the trick to get the full path nomater if the 
>>filesystem is root or mounted elsewhere in the filesystem?
> 
> 
> You can get the namespace and the name within that namespace that
> represents at least one of the names of the file within the vfs layer
> (this is what the VFS itself uses for the struct nameidata).
> 
> There may be multiple links to a file, it may be mounted in multiple
> places and someone on a seperate NFS server may have moved it while you
> are thinking about it.
Umbrella is mostly designed for embedded systems (where selinux is 
overkill) and also it is very easy to understand. Most restrictions will 
be made to e.g. stop viruses from spreading, and it is quite easy, yet 
very effective:

If an email client receives an malformed email (like the countless 
attacks on outlook), a simple restriction could be for the process 
handeling the mail would be "$HOME/.addressbook", furthermore, you could 
specify that attachments executed _from_ the emailprogram would not have 
access to the network. Thus the virus cannot find mail addresses to send 
itself to - and it cannot even get network access. Simple and effective.

Also simple bufferoverflows in suid-root programs may be avoided. The 
simple way would to set the restriction "no fork", and thus if an 
attacker tries to fork a (root) shell, this would be denied. Another way 
could be to heavily restrict access to the filesystem. If the program is 
restricted from /var, the root shell spawned by the attack would not 
have access either. (restrictions are enherited from parent to children).


Best regards, Kristian.