Date: Wed, 30 May 2007 02:32:44 +0400 From: "Kirill Bolshakov" <kirill.bolshakov@gmail.com> To: freebsd-security@freebsd.org Subject: LoMAC module: cannot get clearance level revoked Message-ID: <1ef87a7d0705291532v472a3c30i4bee07d0f502bc5b@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hello Almighty All, I am trying to get the LoMAC module revoke user's privileges. In my test setup, the user with a higher clearance tries to open a lower clearance file for reading. After that the process label of the user's process is checked. As a final test, the user's process tries to write to a file with the higher integrity label. And he succeeds. Please find my test setup including the test program below. I will be grateful for any advice you may have. I am using FreeBSD 6.1. All MAC stuff enabled, the corresponding module loaded, and other models evaluated (Biba, MLS, combo). Thanks, Kirill === TEST PROGRAM === #include <stdlib.h> #include <stdio.h> #include <sys/types.h> #include <sys/mac.h> void printfilelabel(const char * fname) { mac_t filelabel; char *buf; if ( 0 != mac_prepare_file_label( &filelabel ) ) { fprintf( stderr, "printfilelabel(%s): failed to prepare label\n", fname ); exit( -1 ); } if ( 0 != mac_get_file( fname, filelabel ) ) { fprintf( stderr, "printfilelabel(%s): failed to get label\n", fname ); exit( -1 ); } if ( 0 != mac_to_text( filelabel, &buf ) ) { fprintf( stderr, "printfilelabel(%s): failed to convert label\n", fname ); exit( -1 ); } printf( "\tfilelabel(%s) is %s\n", fname, buf ); free( buf ); mac_free( filelabel ); } void printmylabel() { mac_t mylabel; char *buf; if ( 0 != mac_prepare_process_label( &mylabel ) ) { fprintf( stderr, "printmylabel: failed to prepare label" ); exit( -1 ); } if ( 0 != mac_get_proc( mylabel ) ) { fprintf( stderr, "printmylabel: failed to get label" ); exit( -1 ); } if ( 0 != mac_to_text( mylabel, &buf ) ) { fprintf( stderr, "printmylabel: failed to convert label" ); exit( -1 ); } printf( "\tMy label is %s\n", buf ); free( buf ); mac_free( mylabel ); } int main(int argc, char **argv) { if ( argc != 3 ) return -1; printmylabel(); printfilelabel( argv[1] ); printf( "Try to open %s for reading...\n", argv[1]); FILE * f = fopen( argv[1], "r" ); if ( f ) { /*printf( "Boo! read by lomac/high!\n" );*/ printf("Open for reading succeeded for %s\n", argv[1] ); printmylabel(); printfilelabel( argv[1] ); fclose(f); f = NULL; printmylabel(); printfilelabel( argv[2] ); printf( "Try to open %s for writing\n", argv[2] ); f = fopen(argv[2],"w"); if ( f ){ printmylabel(); printf( "Succeeded in opening %s for writing\n", argv[2] ); printfilelabel( argv[2] ); fclose( f ); printfilelabel( argv[2] ); printmylabel(); } else { printf( "Unable to open %s for writing!\n", argv[2] ); } } else { printf( "Unable to open %s for reading!\n", argv[1] ); } } === END OF TEST PROGRAM === === TWO TEST FILES === The program was run like this: ./lomactest testlow test and the files had these labels: testlow: lomac/low test: lomac/high === END OF TWO TEST FILES === === LOGIN CLASS === lmsecure:\ :copyright=/etc/COPYRIGHT:\ :welcome=/etc/motd:\ :setenv=MAIL=/var/mail/$,BLOCKSIZE=K:\ :path=~/bin:/sbin:/bin:/usr/sbin:/user/bin:/usr/local/sbin:usr/local/bin:\ :manpath=/usr/share/man /usr/local/man:\ :nologin=/usr/sbin/nologin:\ :cputime=1h30m:\ :datasize=8M:\ :vmemoryuse=100M:\ :stacksize=2M:\ :memorylocked=4M:\ :memoryuse=8M:\ :filesize=8M:\ :coredumpsize=8M:\ :openfiles=24:\ :maxproc=32:\ :priority=0:\ :requirehome:\ :passwordtime=91d:\ :umask=022:\ :ignoretime@:\ :label=lomac/high(high-high): === END OF LOGIN CLASS === PROGRAM RUN RESULT My label is lomac/high(high-high) filelabel(testlow) is lomac/low Try to open testlow for reading... Open for reading succeeded for testlow My label is lomac/high(high-high) filelabel(testlow) is lomac/low My label is lomac/high(high-high) filelabel(test) is lomac/high Try to open test for writing My label is lomac/high(high-high) Succeeded in open test for writing filelabel(test) is lomac/high filelabel(test) is lomac/high My label is lomac/high(high-high) === END OF PROGRAM RUN RESULT
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1ef87a7d0705291532v472a3c30i4bee07d0f502bc5b>