Diff of /trunk/1.6.x/ccs-patch/README.ccs

TOMOYO

 Subversion リポジトリの参照



/[tomoyo]/trunk/1.6.x/ccs-patch/README.ccs




Diff of /trunk/1.6.x/ccs-patch/README.ccs



 Parent Directory

|  Revision Log



|  Patch














revision 986 by kumaneko,
Tue Feb  5 04:56:40 2008 UTC




revision 987 by kumaneko,
Thu Feb 14 08:30:47 2008 UTC






#

Line 1164 
 Fix 2008/02/05


Line 1164 
 Fix 2008/02/05












1164
       Kernel 2.6.24 introduced PID namespace.
       Kernel 2.6.24 introduced PID namespace.

















1165
       To search PID given from userland, the kernel needs to use
       To search PID given from userland, the kernel needs to use

















1166
       find_task_by_vpid() instead of find_task_pid().
       find_task_by_vpid() instead of find_task_pid().












1167
 
 







1168
 
 Fix 2008/02/14







1169
 
 







1170
 
     @ Add execve() parameter checking.







1171
 
 







1172
 
       Until now, it was impossible to check argv[] and envp[] parameters







1173
 
       passed to execve().







1174
 
       I expanded conditional permission syntax so that







1175
 
       { argc, envc, argv[] , envp[] } parameters can be checked if needed.







1176
 
       This will allow administrator permit execution of /bin/sh only when







1177
 
       /bin/sh is invoked in the form of "/bin/sh -c" and environment variable







1178
 
       HOME is set by specifying







1179
 
 







1180
 
         allow_execute /bin/sh if exec.argv[1]="-c" exec.envp["HOME"]!=NULL







1181
 
 







1182
 
       in the policy.







1183
 
       This extension will make exploit codes difficult to start /bin/sh because







1184
 
       they unlikely set up environment variables and unlikely specify "-c"







1185
 
       option when invoking /bin/sh , whereas proper functions likely set up







1186
 
       environment variables and likely specify "-c" option.
























Legend:



Removed from v.986
 


changed lines


 
Added in v.987













Back to OSDN">Back to OSDN
ViewVC Help


Powered by ViewVC 1.1.26
 /[tomoyo]/trunk/1.6.x/ccs-patch/README.ccs
-revision 986 by kumaneko,
Tue Feb  5 04:56:40 2008 UTC
+revision 987 by kumaneko,
Thu Feb 14 08:30:47 2008 UTC
 Line 1164 
 Fix 2008/02/05
        Kernel 2.6.24 introduced PID namespace.
        To search PID given from userland, the kernel needs to use
        find_task_by_vpid() instead of find_task_pid().
+ Fix 2008/02/14
+     @ Add execve() parameter checking.
+       Until now, it was impossible to check argv[] and envp[] parameters
+       passed to execve().
+       I expanded conditional permission syntax so that
+       { argc, envc, argv[] , envp[] } parameters can be checked if needed.
+       This will allow administrator permit execution of /bin/sh only when
+       /bin/sh is invoked in the form of "/bin/sh -c" and environment variable
+       HOME is set by specifying
+         allow_execute /bin/sh if exec.argv[1]="-c" exec.envp["HOME"]!=NULL
+       in the policy.
+       This extension will make exploit codes difficult to start /bin/sh because
+       they unlikely set up environment variables and unlikely specify "-c"
+       option when invoking /bin/sh , whereas proper functions likely set up
+       environment variables and likely specify "-c" option.
 Legend:



Removed from v.986
 


changed lines


 
Added in v.987
 Legend:



Removed from v.986
 


changed lines


 
Added in v.987
-Removed from v.986
+Added in v.987
-Back to OSDN">Back to OSDN
+ViewVC Help
 Powered by ViewVC 1.1.26

オープンソース・ソフトウェアの開発とダウンロード

TOMOYO

Subversion リポジトリの参照