User Tools
mac
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
|
mac [2012/05/25 15:02] val |
mac [2012/06/06 22:45] val |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== MAC ====== | ====== MAC ====== | ||
| + | ===== Вариант использования как AppArmor ===== | ||
| - | ===== Вариант использование AppArmor ===== | + | ==== Выбор приложения ==== |
| + | |||
| + | [[Средства программирования shell#Web свервер на shell]] | ||
| + | |||
| + | [[Сервис INETD]] | ||
| + | ==== Тестирование ==== | ||
| + | |||
| + | <code> | ||
| + | # fetch -qo - http://server.corpX.un/index.html | ||
| + | |||
| + | # fetch -qo - http://server.corpX.un/../../etc/passwd | ||
| + | </code> | ||
| ==== Патчинг модулей biba и mls ==== | ==== Патчинг модулей biba и mls ==== | ||
| Line 7: | Line 19: | ||
| # rcsdiff /usr/src/sys/security/mac_mls/mac_mls.c | # rcsdiff /usr/src/sys/security/mac_mls/mac_mls.c | ||
| </code><code> | </code><code> | ||
| - | =================================================================== | ||
| - | RCS file: /usr/src/sys/security/mac_mls/mac_mls.c,v | ||
| - | retrieving revision 1.1 | ||
| - | diff -r1.1 /usr/src/sys/security/mac_mls/mac_mls.c | ||
| 875c875 | 875c875 | ||
| < mls_set_effective(dest, MAC_MLS_TYPE_LOW, 0, NULL); | < mls_set_effective(dest, MAC_MLS_TYPE_LOW, 0, NULL); | ||
| Line 18: | Line 26: | ||
| # rcsdiff /usr/src/sys/security/mac_biba/mac_biba.c | # rcsdiff /usr/src/sys/security/mac_biba/mac_biba.c | ||
| </code><code> | </code><code> | ||
| - | =================================================================== | ||
| - | RCS file: /usr/src/sys/security/mac_biba/mac_biba.c,v | ||
| - | retrieving revision 1.1 | ||
| - | diff -r1.1 /usr/src/sys/security/mac_biba/mac_biba.c | ||
| 915c915 | 915c915 | ||
| < biba_set_effective(dest, MAC_BIBA_TYPE_HIGH, 0, NULL); | < biba_set_effective(dest, MAC_BIBA_TYPE_HIGH, 0, NULL); | ||
| Line 104: | Line 108: | ||
| </code> | </code> | ||
| + | ==== Запуск приложения ==== | ||
| + | |||
| + | <code> | ||
| + | # cat /etc/inetd.conf | ||
| + | </code><code> | ||
| + | ... | ||
| + | http stream tcp nowait root /usr/sbin/setpmac setpmac biba/low,mls/low /usr/local/sbin/webd | ||
| + | </code> | ||
| + | |||
| + | ==== Тестирование ==== | ||
| + | |||
| + | <code> | ||
| + | # fetch -qo - http://172.16.1.6/index.html | ||
| + | |||
| + | # fetch -qo - http://172.16.1.6/../../etc/passwd | ||
| + | </code> | ||
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
