Re: does e2fsprogs needs to invoke file system related system calls?

From: Valdis . Kletnieks
Date: Thu May 05 2005 - 16:04:47 EST

Next message: Alexander Nyberg: "Re: [IA-32]: PIT Documentation"
Previous message: Theodore Ts'o: "Re: does e2fsprogs needs to invoke file system related system calls?"
In reply to: Theodore Ts'o: "Re: does e2fsprogs needs to invoke file system related system calls?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 05 May 2005 16:49:33 EDT, Xin Zhao said:
> does e2fsprogs needs to invoke file system related system calls?

Which calls do you mean? I suspect that for the most part, it's
doing read/write/etc to the *underlying medium* - for instance, mkfs.ext3
can't use calls related to the *file system* because it's not mounted
yet (it doesn't even *exist* yet).

> The reason I want to ask this question is to know whether we can
> bypass the system call monitoring based access control with e2fsprogs.

It's been known since the Unix V7 days and even earlier that having read/write
access to the underlying /dev/hd-whatever partition was able to bypass
file permissions on the file system built on that partition. Of course, write
access is at your own risk, as there's no easy/clean way to ensure that the
kernel doesn't have an in-core copy that doesn't match what you wrote (as
everybody who's run fsck on a live file system can testify ;)

Attachment: pgp00000.pgp
Description: PGP signature

Next message: Alexander Nyberg: "Re: [IA-32]: PIT Documentation"
Previous message: Theodore Ts'o: "Re: does e2fsprogs needs to invoke file system related system calls?"
In reply to: Theodore Ts'o: "Re: does e2fsprogs needs to invoke file system related system calls?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]