A TrustedBSD "voluntary sandbox" policy.
Christopher Davis
loafier at FreeBSD.org
Thu Nov 15 13:17:57 PST 2007
On Nov 8, 2007 9:23 AM, Pawel Jakub Dawidek <pjd at freebsd.org> wrote:
> First problem is that it is hard to operate on file paths. MAC passes a
> locked vnode to you and you cannot go from there to a file name easly.
> You could do it by comparsion: call VOP_GETATTR(9) on the given vnode,
> do the same for /etc/passwd and others and compare their inodes and
> file system ids. Performance hit may be significant for complex
> policies.
>
> You can register yourself for process_exit, process_fork and
> process_exec in-kernel events and do your cleanups from your event
> handler. Take a look at EVENTHANDLER(9).
>
> --
> Pawel Jakub Dawidek http://www.wheel.pl
> pjd at FreeBSD.org http://www.FreeBSD.org
> FreeBSD committer Am I Evil? Yes, I Am!
>
Couldn't you use stat() syscall on the paths from the userland utility
that parses the rules, collect the mount point or mount id and the
inode from the stat struct, then have the MAC policy module
match that data with the file id and mount id available from the
vnode?
--
Christopher Davis
More information about the freebsd-hackers
mailing list