I'm a little confused on how/where program data should be stored in a Posix envronment, Debian Linux specifically. I understand that user specific data should be kept in $home, and looking at this question it looks like data common to all users should be in /var/lib/myProgram/ but how does myProgram get granted the access to read and write data there? I'm a little lost and I'm still a newcomer to linux, I'd appreciate any insights!
Related
I am wanting to write a utility that does some reporting based on data available in the /proc directory.
Is this as simple as reading and parsing the contents of the virtual file I am interested in? I have seen this approach implemented in Python when doing similar things.
Is there a superior way to do this in Go?
For backstory, I am using ZFS on Linux and want to retrieve data from this virtual file: /proc/spl/kstat/zfs/arcstats
This is a Python program that operates directly on that file.
Is this as simple as reading and parsing the contents of the virtual file I am interested in?
As far as I know: yes.
But you might try looking at github.com/c9s/goprocinfo to see what they do there, or if you can use that package instead.
See also this SO question and answer.
There is a security issue in linux kernel, which affects most of android devices and basically allows any user to become root.
Since I am linux user for quite some time, I am very curious how this exploit works, especially how can I check whether my kernel in my PC (custom built) or on any of my servers, is vulnerable to this or not. Is there any source code (preferably documented) or details of the exploit so that I could see how it works? I could only find the generic information or closed source binaries that do exploit the bug and give you root if executed by any user, but no background information or details of which part of kernel has the flaw and how is it even possible to do this.
So far I found this interesting article http://tinyhack.com/2014/07/07/exploiting-the-futex-bug-and-uncovering-towelroot/ which explains that it uses stack hack, by calling certain syscalls in order to get something into a stack of futex_queue. While I understand how that works, I have no idea how changing anything in that stack can actually elevate privileges of current process. What I found interesting is, that this guy say that since kernel 3.13 something has changed and now different technique is needed to exploit this. Does it mean that this was not even fixed and is still exploitable in recent kernel that can be downloaded from kernel.org?
As SilverlightFox said, the Security portion of stackexchange (http://security.stackexchange.com/) probably would be better for this, but here goes nothing.
From the sound of it, this hack appears to be a way to elevate any users' terminal/kernel for a given amount of time, which is, not to say the least, bad. My idea of how this sort of issue would work is a program that overloads the futex_queue by calling those said syscalls and then provides, temporarily, the user with superuser access.
I looked around at the link you provided and found that it does require remote login from SSH or similar procedures. In a console screenshot, it uses the line gcc -o xpl xpl.c -lpthread, which shows that this exploit is done in C. And a quote directly from the article:
This is actually where the bug is: there is a case where the waiter is
still linked in the waiter list and the function returns. Please note that a kernel stack is completely separate from user stack. You can not
influence kernel stack just by calling your own function in the userspace. You can manipulate kernel stack value by doing syscall.
In the image at http://www.clevcode.org/cve-2014-3153-exploit/, it shows the output of the towelroot exploit, testing the address limits and getting into the task structure to spawn a superuser shell. Also, in the tinyhack article, it gives a simple recreation of this exploit's base, so I'd recommend taking a look at that and working from it.
I don't know any clear form of testing if your system is vulnerable, so the best I can tell you is to try and harden your systems and do all you can to keep it protected. Anyway, I don't think that someone would easily get hold of server ports and logins to run this exploit on your system.
Cheers!
im going crazy trying to look for examples of unix domain socket usage on bash. I'm starting to think if it is possible at all, and thenI find people using them for netowrk stuff, i wanting merely for IPC locally, can someone facilitate me some example, resources, guidance or at least if its possible at all?
Is this so deep in the kernel that it can only be programmed C for example... I;ve seen some Python stuff i think tho...
Thanks.
I've decided to go off using bash, it would be a big big task and i dont have any real constrains, I have learn a lot of how linux works tho, in essence to be able to implement this would have to probaly modify some parts of the kernel...
Thanks everyone.
I'm a newbie on Linux programming and I don't know exactly where I can get information of functions for example. There is a directory Documentations in my sources. But I can't find semaphore stuff there for example. Is there a documentation for all the function somewhere in the sources? Or not obligatorily?
The Linux Kernel Newbies site is a good point to start.
And, of course, the kernel itself is the best reference. To get started. Also have a look at kernel.org/doc. For semaphores, look at this page here.
I need some opinions pointers on creating pseudo-filesystems for linux/*nix systems.
Firstly when I say pseudo-filesystem I mean something like /proc where the structure within does not represent actual files on disks or such but the state of the kernel. I would like to try something similar as an interface to an application.
As an example you could say, mount a ftp url to your filesystem and your browser app could then allow you to interact with the remote system doing ls et al on it and translating the standard filesystem requests into ftp ones.
So the first question is: how does one go about doing that? I have read a bit about it and it looks like you need to implement a new kernel module. If possible I would like to avoid that - my thinking being that someone may have already provided a tool for doing this sort of thing and provided the module to assist already.
My second question is: does anyone have a good list of examples of applications/services/whatever using this sort of technique to provide a filesystem based interface.
Lastly if anyone has any opinions on why this might be a good/bad idea to do such a thing on a generic level I would like to hear it.
A userspace filesystem via fuse would probably be your best way to go.
Regarding the next part of your question (which applications use this method), there is the window manager wmii, it uses the 9p filesystem via v9fs, which is a port of 9p to Linux. There are many examples on plan9, most notably acme. I suggested fuse because it seems more actively developed and mainstream in the Linux world, but plan9 is pretty much the reference for this approach as far as I know.