From: Oliver Fromme
To: freebsd-current@FreeBSD.ORG, cpghost@cordula.ws, Daichi GOTO
Date: Thu, 27 Sep 2007 16:30:47 +0200 (CEST)
Subject: Re: wrapping dynamic syscalls with wrap(1)
Message-Id: <200709271430.l8REUl1v017380@lurza.secnetix.de>
In-Reply-To: <20070927155519.114cac72@epia-2.farid-hajji.net>

cpghost wrote:
 > Daichi GOTO wrote:
 > > And unusual commands like chflags I just suppose are no much

I think that chflags(1) is not "unusual".  A non-standard
extension to rm(1) would be unusual.

 > > point in this case. What is important is that adding mistake
 > > protecting functions into common commands like rm(1) itself.
 >
 > Perhaps the solution is not general enough: rm(1) is but one
 > program using the unlink(2) syscall. Why not protect unlink(2)
 > itself by wrapping it into a function that does all this checking
 > that you're putting into safety-rm right now?
 >
 > Users who want to protect themselves could then dynamically
 > link this unlink-wrapper into all their applications. When an
 > application calls unlink(2), that call will be diverted to
 > unlink(3), the wrapper.

That's an interesting idea.

 > Ideally, users should have a generic way to wrap syscalls (or
 > other dynamic library calls) with a program similar to env(1),
 > let's call it wrap(1). A call to wrap(1):
 >
 >   $ wrap lib1 lib2 lib3 ... prog

How is that different from this:

   $ LD_PRELOAD="lib1 lib2 lib3 ..." prog

Well, if you want to save a little bit of typing, wrap(1)
could be trivially implemented as a shell script:

   #!/bin/sh -
   # wrap: run the last argument with all preceding arguments in LD_PRELOAD.

   if [ $# -lt 1 ]; then
           echo "Usage: ${0##*/} [<lib> ...] <prog>" >&2
           exit 1
   fi

   # The last positional parameter is the program; the braces keep
   # this correct when there are ten or more arguments.
   eval PROG=\${$#}
   # Everything before it is the space-separated library list.
   LIBS=${*%$PROG}
   LD_PRELOAD="${LIBS% }" exec "$PROG"

By the way, I have used the LD_PRELOAD trick in the past;
it works fine.  I used it to wrap a few functions in libX11
in order to capture video and audio from certain closed-source
player applications that didn't allow to save media files to disk.

Best regards
   Oliver

-- 
Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M.
Commercial register: Registergericht Muenchen, HRA 74606, Management:
secnetix Verwaltungsgesellsch. mbH, commercial register: Registergericht
München, HRB 125758, Managing directors: Maik Bachmann, Olaf Erb, Ralf Gebhart

FreeBSD services, products and more:  http://www.secnetix.de/bsd

"FreeBSD is Yoda, Linux is Luke Skywalker"
        -- Daniel C. Sobral