A TrustedBSD "voluntary sandbox" policy.

Christopher Davis loafier at FreeBSD.org
Thu Nov 15 13:17:57 PST 2007


On Nov 8, 2007 9:23 AM, Pawel Jakub Dawidek <pjd at freebsd.org> wrote:
> First problem is that it is hard to operate on file paths. MAC passes a
> locked vnode to you and you cannot go from there to a file name easly.
> You could do it by comparsion: call VOP_GETATTR(9) on the given vnode,
> do the same for /etc/passwd and others and compare their inodes and
> file system ids. Performance hit may be significant for complex
> policies.
>
> You can register yourself for process_exit, process_fork and
> process_exec in-kernel events and do your cleanups from your event
> handler. Take a look at EVENTHANDLER(9).
>
> --
> Pawel Jakub Dawidek                       http://www.wheel.pl
> pjd at FreeBSD.org                           http://www.FreeBSD.org
> FreeBSD committer                         Am I Evil? Yes, I Am!
>

Couldn't you use stat() syscall on the paths from the userland utility
that parses the rules, collect the mount point or mount id and the
inode from the stat struct,  then have the MAC policy module
match that data with the file id and mount id available from the
vnode?


-- 
Christopher Davis


More information about the freebsd-hackers mailing list