Browse Subversion Repository

Diff of /trunk/1.7.x/ccs-patch/README.ccs

revision 924 by kumaneko, Thu Jan 24 03:18:27 2008 UTC revision 987 by kumaneko, Thu Feb 14 08:30:47 2008 UTC
# Line 1156  Fix 2008/01/24 Line 1156  Fix 2008/01/24
1156             (current->gid != 0 && current->gid == inode->i_gid)             (current->gid != 0 && current->gid == inode->i_gid)
1157    
1158        The inode's uid and gid are set using chown/chgrp commands.        The inode's uid and gid are set using chown/chgrp commands.
1159    
1160    Fix 2008/02/05
1161    
1162        @ Use find_task_by_vpid() instead of find_task_pid().
1163    
1164          Kernel 2.6.24 introduced PID namespace.
1165          To search PID given from userland, the kernel needs to use
1166          find_task_by_vpid() instead of find_task_pid().
1167    
1168    Fix 2008/02/14
1169    
1170        @ Add execve() parameter checking.
1171    
1172          Until now, it was impossible to check argv[] and envp[] parameters
1173          passed to execve().
1174          I expanded conditional permission syntax so that
1175          { argc, envc, argv[] , envp[] } parameters can be checked if needed.
1176          This will allow administrator permit execution of /bin/sh only when
1177          /bin/sh is invoked in the form of "/bin/sh -c" and environment variable
1178          HOME is set by specifying
1179    
1180            allow_execute /bin/sh if exec.argv[1]="-c" exec.envp["HOME"]!=NULL
1181    
1182          in the policy.
1183          This extension will make exploit codes difficult to start /bin/sh because
1184          they unlikely set up environment variables and unlikely specify "-c"
1185          option when invoking /bin/sh , whereas proper functions likely set up
1186          environment variables and likely specify "-c" option.
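
Review bot: The 2008/02/14 entry (lines 1183-1186) presents the argv/envp condition as making it hard for exploit code to start /bin/sh, but argv[] and envp[] are both chosen by whoever calls execve(), so the example condition exec.argv[1]="-c" exec.envp["HOME"]!=NULL only stops callers that do not bother to supply them. Suggest saying so in the entry, so administrators treat the condition as an extra restriction layered on the allow_execute rule and not as a guarantee. The entry also lists argc and envc but gives no example for either, and it does not state that the two conditions on the example line are combined with AND (the prose only implies it); one sentence each would close that gap. Wording: "allow administrator permit" should read "allow administrators to permit". In the 2008/02/05 entry, please check the old function name: it is written find_task_pid() in both places, while the kernel function that find_task_by_vpid() replaces is find_task_by_pid().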
