Find the answer to your Linux question:
Results 1 to 3 of 3
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1

    Intercept executed command and validate


    I need to know is it possible to intercept user executed command in loadable kernel module. I know that system calls can be intercepted such as open(). But what i need to do is intercepts user entered command/ process and add some validations. for example, if user enters cp command, before executing the command i need to perform some validations against it. If we cannot do this in LKM, what are the alternative approaches?

    Thanks.

  2. #2
    Super Moderator Roxoff's Avatar
    Join Date
    Aug 2005
    Location
    Nottingham, England
    Posts
    4,087
    If you want to stop users copying stuff around on your server, then the standard approach is to use filesystem permissions to deny them read access to the source and/or write access to the destination. Is this not possible?
    Linux user #126863 - see http://linuxcounter.net/

  3. #3
    -->
    Quote Originally Posted by Roxoff View Post
    If you want to stop users copying stuff around on your server, then the standard approach is to use filesystem permissions to deny them read access to the source and/or write access to the destination. Is this not possible?
    of cause you are right. But i'm experimenting with fined grained permissions on a file, where user can define access levels based on operations aspect. My plan is to use separate namespace in extended attributes where user can define permissions. question is how can I intercept current process to check what defined there. Simple example: if user define to block copying a particular file into USBs, and if some other user trying to execute CP against it, i just want to intercept that process and validate

$spacer_open
$spacer_close

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •