Change-Id: Ib10f9e15464ace1012d906349a128b4677cd9a10
Signed-off-by: yeji01.kim <yeji01.kim@samsung.com>
namespace {
const unsigned int fileReadSyscalls[] = {
+#ifdef __NR_uselib
__NR_uselib,
+#endif
+#ifdef __NR_uselib
__NR_open,
+#endif
__NR_openat,
+#ifdef __NR_stat
__NR_stat,
+#endif
+#ifdef __NR_lstat
__NR_lstat,
+#endif
+ __NR_fstat,
#ifdef __NR_newstat
__NR_newstat,
#endif
#ifdef __NR_newfstat
__NR_newfstat,
#endif
+#ifdef __NR_stat64
__NR_stat64,
+#endif
+#ifdef __NR_lstat64
__NR_lstat64,
+#endif
+#ifdef __NR_fstat64
+ __NR_fstat64,
+#endif
+#ifdef __NR_fstatat64
__NR_fstatat64,
+#endif
__NR_getxattr,
__NR_lgetxattr,
__NR_fgetxattr,
__NR_llistxattr,
__NR_flistxattr,
__NR_faccessat,
+#ifdef __NR_access
__NR_access,
+#endif
__NR_chdir,
__NR_chroot,
__NR_quotactl,
};
const unsigned int fileWriteSyscalls[] = {
+#ifdef __NR_open
__NR_open,
+#endif
__NR_openat,
+#ifdef __NR_creat
__NR_creat,
+#endif
__NR_acct,
#ifdef __NR_swapon
__NR_swapon,
__NR_truncate64,
#endif
__NR_renameat,
+#ifdef __NR_rename
__NR_rename,
+#endif
__NR_mknodat,
+#ifdef __NR_mknod
__NR_mknod,
+#endif
__NR_mkdirat,
+#ifdef _NR_mkdir
__NR_mkdir,
+#endif
+#ifdef __NR_rmdir
__NR_rmdir,
+#endif
__NR_unlinkat,
+#ifdef __NR_unlink
__NR_unlink,
+#endif
__NR_symlinkat,
+#ifdef __NR_symlink
__NR_symlink,
+#endif
__NR_linkat,
+#ifdef __NR_link
__NR_link,
+#endif
};
const unsigned int fileExecSyscalls[] = {
+#ifdef __NR_uselib
__NR_uselib,
+#endif
__NR_execve,
};
__NR_removexattr,
__NR_fremovexattr,
__NR_lremovexattr,
+#ifdef __NR_chmod
__NR_chmod,
+#endif
__NR_fchmod,
__NR_fchmodat,
+#ifdef __NR_chown
__NR_chown,
+#endif
+#ifdef __NR_lchown
__NR_lchown,
+#endif
__NR_fchown,
+#ifdef __NR_chown32
__NR_chown32,
+#endif
+#ifdef __NR_lchown32
__NR_lchown32,
+#endif
+#ifdef __NR_fchown32
__NR_fchown32,
+#endif
__NR_fchownat,
+#ifdef __NR_utime
+ __NR_utime,
+#endif
+#ifdef __NR_utimes
__NR_utimes,
+#endif
+#ifdef __NR_utimesat
+ __NR_utimesat,
+#endif
+#ifdef __NR_futimesat
+ __NR_futimesat,
+#endif
+ __NR_utimensat,
};
void setMaskFileSystemcalls(Rule &rule, unsigned int perm)
rule + syscall;
}
-}
+} // namespace
void BaseRuleSet::addDir(const std::vector<std::string>& dirs,
unsigned int perm, Result result)
//ptrace(26) system call positive
pid_t pid;
- pid = syscall(__NR_fork);
+ pid = fork();
if (pid == -1) {
Display::printResult(Display::FAIL, "ptrace(26) positive");
return;
typedef std::function<void(audit_trail_h)> ruleFunc;
static const std::vector<std::pair<std::string, ruleFunc>> rules = {
- {"systemcall={nice}",
+ {"systemcall={umask}",
[] (audit_trail_h audittrail) {
audit_rule_h rule;
audit_rule_create(&rule);
- audit_rule_add_systemcall(rule, __NR_nice);
+ audit_rule_add_systemcall(rule, __NR_umask);
audit_trail_add_rule(audittrail, rule);
audit_rule_destroy(rule);
}
projects / platform / core / security / audit-trail.git / commitdiff