how to deny reading of several sysctls (for a set of uids, f.e.)
Andrew N. Below
defan at zenon.net
Tue Jan 23 12:44:03 UTC 2007
Hello.
System - RELENG_6.
The easiest way I found is to patch libc.
But in this case we can still get an original library and use
LD_PRELOAD.
Is there any way to obtain the uid of the calling process (thread?)
within the kernel?
We have the following extern in src/lib/libc/gen/sysctl.c:
[..]
extern int __sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp,
    void *newp, size_t newlen);
[..]
And there is __sysctl (src/sys/kern/kern_sysctl.c):
[..]
/*
 * MPSAFE
 */
int
__sysctl(struct thread *td, struct sysctl_args *uap)
[..]
1. Is this function called from libc sysctl()?
2. What can we get from td here? My knowledge of the FreeBSD kernel
and kernel threads is not yet enough to understand this.
I also thought about passing a control variable from libc
to the kernel, but it seems to be a bad idea.
Any other ways?
--
Andrew N. Below
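
Added example, not part of the original message and not FreeBSD source: a userland C model of a kernel-side check that denies reads of selected sysctl OIDs to a set of uids, so the decision does not depend on which libc the process loads. The struct stand-ins, the rule table, the uids and sysctl_read_check() are assumptions made for illustration; in the kernel the caller's uid is td->td_ucred->cr_uid.

```c
#include <errno.h>
#include <stddef.h>
#include <sys/types.h>

/* Stand-ins (assumption) holding only the fields used here; in the
 * kernel the caller's uid is td->td_ucred->cr_uid. */
struct ucred  { uid_t cr_uid; };
struct thread { struct ucred *td_ucred; };

/* Constructed policy: OID prefixes that the listed uids may not read. */
struct deny_rule { int prefix[4]; unsigned prefixlen; };
static const struct deny_rule deny_rules[] = {
    { { 1, 1 }, 2 },            /* kern.ostype (CTL_KERN=1, KERN_OSTYPE=1) */
    { { 6 },    1 },            /* everything under hw (CTL_HW=6) */
};
static const uid_t deny_uids[] = { 1001, 1002 };    /* constructed uids */
#define NELEM(a) (sizeof(a) / sizeof((a)[0]))

/* Hypothetical hook: returns 0 to allow, EPERM to deny. A request is a
 * read when it supplies oldp or oldlenp (a size query is a read too). */
int sysctl_read_check(const struct thread *td, const int *name,
    unsigned namelen, const void *oldp, const size_t *oldlenp)
{
    unsigned i, restricted = 0;
    if (oldp == NULL && oldlenp == NULL)
        return 0;               /* pure write: left to existing checks */
    for (i = 0; i < NELEM(deny_uids); i++)
        restricted |= (deny_uids[i] == td->td_ucred->cr_uid);
    if (!restricted)
        return 0;
    for (size_t r = 0; r < NELEM(deny_rules); r++) {
        unsigned n = deny_rules[r].prefixlen;
        for (i = 0; i < n && i < namelen; i++)
            if (name[i] != deny_rules[r].prefix[i])
                break;
        if (i == n)             /* whole prefix matched */
            return EPERM;
    }
    return 0;
}

int main(void)
{
    struct ucred cr = { 1001 };
    struct thread td = { &cr };
    int hw_model[] = { 6, 2 };  /* hw.model */
    size_t len = 0;
    return sysctl_read_check(&td, hw_model, 2, NULL, &len) == EPERM ? 0 : 1;
}
```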