| Server IP : 103.4.122.14 / Your IP : 216.73.216.103 Web Server : Apache/2.4.62 (Unix) OpenSSL/1.0.2k-fips System : Linux cwp2.slnet.com.au 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64 User : statewid ( 1251) PHP Version : 8.3.31 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /usr/share/systemtap/examples/general/ |
Upload File : |
#!/usr/bin/stap
# badname.stp
# Prevent the creation of files with undesirable names.
# Source: http://blog.cuviper.com/2009/04/08/hacking-linux-filenames/
# return non-zero if the filename should be blocked
function filter:long (name:string)
{
return isinstr(name, "XXXbadnameXXX")
}
global squash_inode_permission
# We really want to probe may_create(). But, may_create() is now
# always inlined, and stap can't find its arguments. So, we have to
# probe may_create()'s callers.
probe kernel.{function("vfs_create"), function("vfs_mknod"),
function("vfs_mkdir"), function("vfs_symlink"),
function("vfs_link"), function("vfs_rename")}
{
# screen out the conditions which may_create will fail anyway
if (@choose_defined($dentry->d_inode, $new_dentry->d_inode)
|| @choose_defined($dir->i_flags, $new_dir->i_flags) & %{ S_DEAD %}) next
# check that the new file meets our naming rules
if (filter(kernel_string(@choose_defined($dentry->d_name->name,
$new_dentry->d_name->name))))
squash_inode_permission[tid()] = 1
}
probe kernel.function("inode_permission@fs/namei.c").return !,
kernel.function("permission@fs/namei.c").return
{
if (!$return && squash_inode_permission[tid()])
$return = -13 # -EACCES (Permission denied)
delete squash_inode_permission[tid()]
}