On Friday 18 July 2003 11:37, Omen Wild wrote:
> Quoting Jesse Pollard <jesse@cats-chateau.net> on Fri, Jul 18 11:05:
> > Ummmm maybe not... you do have to modify a fileid (since the file is
> > already being opened anyway). Open the file as usual, then before
> > returning to the application pass the fileid to the daemon as an already
> > open fileid. ((I admit - I haven't done this myself)) This would allow
> > the daemon to implement a queue of fileids to process.
>
> I can do that? Pass an open fileid of one process to a process outside
> the kernel, and then back into the kernel? I've (obviously) never
> done any programming like that.

This is in reference to passing a file descriptor to a process. The receiver must have an AF_UNIX socket open, and the module must format the message as a file descriptor and pass it to the socket. Check out "send_fd" and "recv_fd" in "Advanced Programming in the UNIX Environment" (W. Richard Stevens). What you are doing is formatting the message suitable for recv_fd to obtain the file id.

Since the file would now be open (though not available to the original process yet), the file could be READ by the daemon (note - the daemon does not open the file), processed, and have a return to the module of the checksum. How the final communication between the daemon/module is done I'm not sure, but at least the processing could be external to the kernel.

This isn't a detailed explanation, but should get you started looking up some other data.

I have considered using a daemon to take over all sockets NOT used by inetd, then use a file descriptor passing technique to control network access (and possibly even requiring inetd to allocate sockets from the daemon too). This would eliminate users from creating unauthorized services by blocking access to the ports.

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module
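The descriptor-passing exchange the reply sketches, as an added example in user space (not code from the thread or from Stevens' book): a socketpair and a forked child stand in for the module/daemon pair, the file and its contents are constructed, and the additive checksum is a toy stand-in for whatever the daemon would really compute. The child only ever sees the descriptor it was handed and never opens the path itself.

```c
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <sys/wait.h>
/* Constructed sample content for the file whose descriptor gets handed over. */
static const char SAMPLE[] = "lsm-fd-pass\n";
/* Toy additive checksum standing in for whatever the daemon would really compute. */
unsigned long checksum_bytes(const char *buf, size_t len) {
    unsigned long sum = 0;
    for (size_t i = 0; i < len; i++) sum += (unsigned char)buf[i];
    return sum;
}
union fdctl { struct cmsghdr hdr; char buf[CMSG_SPACE(sizeof(int))]; }; /* one fd's ancillary data */
/* send_fd: the descriptor rides as SCM_RIGHTS ancillary data beside a one-byte payload;
   the kernel, not the application, duplicates the open file reference into the peer. */
int send_fd(int sock, int fd) {
    char byte = 0; union fdctl ctl;
    struct iovec iov = { .iov_base = &byte, .iov_len = 1 };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1, .msg_control = &ctl, .msg_controllen = sizeof ctl };
    struct cmsghdr *cm = CMSG_FIRSTHDR(&msg);
    cm->cmsg_level = SOL_SOCKET; cm->cmsg_type = SCM_RIGHTS; cm->cmsg_len = CMSG_LEN(sizeof(int));
    memcpy(CMSG_DATA(cm), &fd, sizeof(int));
    return sendmsg(sock, &msg, 0) == 1 ? 0 : -1;
}
/* recv_fd: the receiver gets a fresh fd number referring to the same open file, so it
   never has to open() the path itself (and need not be permitted to). */
int recv_fd(int sock) {
    char byte; int fd = -1; union fdctl ctl;
    struct iovec iov = { .iov_base = &byte, .iov_len = 1 };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1, .msg_control = &ctl, .msg_controllen = sizeof ctl };
    if (recvmsg(sock, &msg, 0) != 1) return -1;
    struct cmsghdr *cm = CMSG_FIRSTHDR(&msg);
    if (!cm || cm->cmsg_level != SOL_SOCKET || cm->cmsg_type != SCM_RIGHTS) return -1;
    memcpy(&fd, CMSG_DATA(cm), sizeof(int));
    return fd;
}
/* The child plays the daemon: it closes its inherited copy of the file, receives the
   descriptor over the socketpair, checksums the contents and reports the result back. */
unsigned long pass_fd_and_get_checksum(void) {
    int sv[2], fd; char path[] = "/tmp/fdpassXXXXXX"; unsigned long sum = 0; /* constructed temp file */
    if ((fd = mkstemp(path)) < 0 || socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0) return 0;
    unlink(path); write(fd, SAMPLE, strlen(SAMPLE)); lseek(fd, 0, SEEK_SET);
    if (fork() == 0) {                       /* daemon side */
        close(sv[0]); close(fd);
        int rfd = recv_fd(sv[1]); char buf[64]; ssize_t n;
        while (rfd >= 0 && (n = read(rfd, buf, sizeof buf)) > 0) sum += checksum_bytes(buf, (size_t)n);
        write(sv[1], &sum, sizeof sum); _exit(0);
    }
    close(sv[1]); send_fd(sv[0], fd);        /* module/application side */
    if (read(sv[0], &sum, sizeof sum) != (ssize_t)sizeof sum) sum = 0;
    wait(NULL); close(sv[0]); close(fd); return sum;
}
```

The reply path (daemon to module) is the part the thread leaves open; here it is simply the checksum written back over the same socket.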
This archive was generated by hypermail 2b30 : Mon Jul 21 2003 - 08:56:13 PDT