You are not logged in. Login Now register |  search
 0-5          
 
Grex > Mnet > #48: Kernel Updates
Author Message
jp2
Kernel Updates Mark Unseen   Jun 29 11:45 UTC 2000
This item has been erased.

5 responses total.
styles
response 1 of 5: Mark Unseen   Jun 29 14:10 UTC 2000
A really nifty querystring and a buggy script interpreter could potentially
make that a big problem.
jp2
response 2 of 5: Mark Unseen   Jun 29 15:45 UTC 2000
This response has been erased.

xenon313
response 3 of 5: Mark Unseen   Jun 29 17:43 UTC 2000
Isn't there a base socket call multiplexor type function?  There used to 
be at least.  I just did something like the following at the very top of 
the function, (it actually used to be after an mbuf was allocated which 
caused memory leaks, but thaler fixed that):

   if (current->euid >= 500)
      if (!in_egroup_p(PATRON_GID))
         return -EINVAL;

This basically just says if the EUID is over 499, (put to whatever you 
start normal user IDs), then check if the EUID is in the PATRON_GID 
group.  If not, then return a failure to the socket call.  Actually, I 
think it used to be that if current->euid != 0 the group would be 
checked.  You can modify as needed, (e.g. put www in the patron group, 
or make it's UID ignored, etc.)  The in_egroup_p() function just checks 
to see if the EUID user is in the PATRON_GID group and returns TRUE if 
so, (e.g. it does a getpwuid() and checks the user's group and then if 
necessary, does a getgrid(PATRON_GID) and checks the membership).
xenon313
response 4 of 5: Mark Unseen   Jun 29 17:50 UTC 2000
(BTW, I believe Jim did the kernel hack on M-Net and Dave fixed it up.  
I just copied it over during some upgrade and have ported it to Linux.)
jp2
response 5 of 5: Mark Unseen   Jun 29 18:56 UTC 2000
This response has been erased.

 0-5          
 Response Not Possible: You are Not Logged In
 

- Backtalk version 1.3.30 - Copyright 1996-2006, Jan Wolter and Steve Weiss