linux更改权限:用LKM更改linux缺省安全等级来源: 发布时间:星期四, 2009年2月12日 浏览:50次 评论:0
Linux缺省 ![]() ![]() ![]() 为1 ![]() ![]() /移除module.所以我们可以先用chattr +i ![]() ![]() ![]() ![]() 动script...)加上immutable位,这样"黑客"就很难在你 ![]() (即便他已经得到了root权限,当然通过直接硬盘读写仍然可以修改,但比较麻烦而且危险 ). "黑客"们 ![]() ![]() ![]() (wtmp,messages,syslog...)增加append-only位,使"黑客"不能轻易 ![]() 他们就容易多了.:-) 修改安全等级比较直接 ![]() ![]() securelevel设成1即可.不过如果要改变安全等级 ![]() 么麻烦.:-) 为什么不用module呢?我写了个很简单 ![]() ![]() ![]() ![]() 思路方法: insmod lkm; clt -h; 注意:普通用户也可以执行clt来切换安全等级,所以最好是在clt和lkm中加段密码检查, 如果密码不对就不允许执行.:-) 这两个 ![]() ![]() 变成了securebits,简单 ![]() ![]() ![]() 登陆了.如果谁对2.2.x比较熟悉,请不吝赐教,共同提高嘛.:) <在测试这些 ![]() ![]() ![]() ( ![]() ![]() 常工作 ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() (有关chattr,lsaddr请man chattr和man lsattr) [email protected] /**************************** lkm.c ********************************/ /* Simple lkm to secure Linux. * This module can be used to change the securelevel of Linux. * Running the client will switch the securelevel. * * gcc -O3 -Wall -c lkm.c * insmod lkm * * It is tested in Redhat 5.2 (2.0.36). * (It should be mod ![]() ![]() * It is really very simple,but we just for educational purposes.:-) * * [email protected] */ # ![]() # ![]() # ![]() # ![]() # ![]() # ![]() # ![]() # ![]() # ![]() # ![]() # ![]() # ![]() # ![]() # ![]() # ![]() # ![]() # ![]() # ![]() extern void *sys_call_table ![]() ![]() ![]() { ![]() ![]() ![]() ![]() ![]() } ![]() { sys_call_table[__NR_secureswitch] = (void *)sys_secureswitch; ![]() } void cleanup_module(void) { sys_call_table[__NR_secureswitch] = NULL; ![]() } /************************ clt.c **************************/ /* * This client can switch the secure level of Linux. * * gcc -O3 -Wall -o clt clt.c * Usage: clt -h/-l * -h switch to the high secure level. * -l switch to the low secure level. * * Most of codes are ripped from [email protected],thanks smiler.:) * [email protected] */ # ![]() # ![]() # ![]() # ![]() ![]() ![]() ![]() ![]() ![]() ![]() { ![]() ![]() { fpr ![]() exit(-1); } ![]() ![]() ![]() ![]() ![]() { fpr ![]() exit(-1); } ret = secureswitch(level); ![]() pr ![]() ![]() ![]() ![]() puts("Now the secure level is changed to 0!n"); } ![]() puts("Now the secure level is chagned to 1!n"); } } ![]() } 0
相关文章读者评论发表评论 |