|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: fping & systrace
From: Julien TOUCHE (julien.touche
lycos.com)
Date: Sat Sep 02 2006 - 05:14:13 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Ted Unangst wrote on 01/09/2006 23:54:
>> isn't it limited to a deny (returning an errorcode) ? so how ?
>>
>> native-getuid: permit
>>
>> native-getuid: permit[0] => error
>> native-getuid: permit as root => error
>
> yeah, actually i think you want "as root", but for geteuid or whatever
> the right syscall is.
>
i don't get it ???
"native-getuid: permit as root" doesn't work in a systrace policy
$ sudo /bin/systrace -a -c 556:556 /usr/local/sbin/fping localhost
syntax error
/etc/systrace/usr_local_sbin_fping:24: syntax error.
Segmentation fault
and same for adding a return code to permit.
nobody with systrace privilege evelation and fping ?
thanks
Regards
Julien
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]