On 05/07/06, Daan Vreeken [PA4DAN] <[EMAIL PROTECTED]> wrote:
On Wednesday 05 July 2006 03:15, mal content wrote: > On 03/07/06, Peter Jeremy <[EMAIL PROTECTED]> wrote: > > For dynamic executables, you could LD_PRELOAD a .so that replaces > > all the socket-related syscalls. > > Excellent suggestion! Ok, I've created a basic .so file with the following > code, but I've basically got stuck because I don't know how the original > syscalls are defined and can't find the definitions in the source: > > --- > #include <sys/syscall.h> > #include <sys/types.h> > #include <sys/socket.h> > > int socket(int d, int t, int prot) > { > return __syscall(SYS_socket, d, t, prot); > } > [ ... ]Wouldn't this still allow a program to open sockets when the program does the __syscall() dance for itself instead of relying on socket() to work? I have never tried MAC myself, so correct me if I'm wrong, but I think something like this could be done using a modified version of mac_portacl(4).
Yes, it would. It's not meant as a security measure, more a sort of 'make this app misbehave' for testing purposes. Seems to be working well anyway now. MC _______________________________________________ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
