添加“有用的”非 root 用户通常无法使用系统调用
我实现了一个简单的 Hello World 系统调用,但功能有限 - 它只是从用户模式转换到内核模式,打印与内核消息一起记录的消息,然后转换回用户模式。
获得额外积分的下一步是添加非 root 用户通常无法使用的有用(新)系统调用。
系统调用可以是我们喜欢的简单的,但我正在努力想出任何想法......有人可以指出我正确的方向或指向可以轻松实现的东西吗? (我们得到的提示是使用新的系统调用来进行调试!)
I've implemented a simple Hello World syscall with limited functionality — that simply transitions from user mode to kernel mode, prints a message that is logged with the kernel messages, and transitions back to user mode.
The next step for extra credit is to add a useful (new) syscall that is not normally available to a non-root user.
The syscall can be a simple as we like but I'm struggling to come up with any ideas... can someone point me in the right direction or towards something that would be easily implemented? (A hint we were given was to use your new syscall for debugging purposes!)
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(5)
内核结构中有大量有关进程的信息:页面位置、内存统计信息、I/O 统计信息和文件句柄信息、CPU 调度信息等。虽然用户可以通过诸如
等方式获取其中大部分信息>proc
文件系统,以编程方式获取该信息可能需要解析proc
输出等。提供一种获取有关进程的此类信息的方法(可能不太注意可能会出现的安全问题)暂时出现)可能会有用。There's a fair amount of information in the kernel structures about processes: page locations, memory statistics, I/O statistics and file handle information, CPU scheduling information, etc. While most of it might be available to the user through things like the
proc
filesystem, getting that information programmatically probably requires parsing theproc
output, etc. Providing a way to get this type of information about a process (maybe paying less attention to security issues that might arise for the time being) could be useful.用户通常不能将自己拥有的文件的所有权授予其他用户(当然,这是有充分理由的!)。您可以实现一个系统调用来做到这一点。不要忘记清除 setuid 位!
A user cannot normally gift ownership of a file that they own themselves to another user (of course, there's sound reasons for that!). You could implement a syscall to do that. Don't forget to clear the setuid bit!
将当前进程的 uid 设置为 0 怎么样,本质上是一个“后门”系统调用,为调用它的任何用户提供 root 访问权限?
How about just setting the current process's uid to 0, essentially a "back-door" syscall that gives root access to any user that calls it?
也许是专门从受信任的 NTP 服务器更新系统日期和时间的新调用?
我相信普通用户无法自己做到这一点。
以某种方式更改网络设置?释放/续订 DHCP 租约,或实施简单的网络位置,这些网络位置是存储在根可写配置文件中的预定义批量设置。
Perhaps a new call to specifically update the system date and time from a trusted NTP server?
I believe that a normal user is unable to do this on their own.
Changing the network settings in some way? Release/renew DHCP lease, or implement simple network locations that are predfined batches of settings stored in a root-writable config file.
最简单的事情 - 为了调试 - 将创建一个系统调用,让您可以直接访问内核的“printk”调用!
The simplest thing to do - for debugging - would create a syscall that gave you direct access to the kernel's "printk" call!