Date:	Mon, 28 Jul 2008 12:30:23 -0700 (PDT)
From:	SandeepKsinha <sandeepksinha@...il.com>
To:	linux-ext4@...r.kernel.org
Subject: Re: Multiple Data Stream



Theodore Tso wrote:
> 
> On Sun, Jul 27, 2008 at 04:04:32PM +0530, Rohit Sharma wrote:
>> Does ext2/ext3 support multiple data streams?
> 
> No.  The primary use of alternate data streams in Windows XP has been
> Virii, Trojan Horses, and Rootkits.  See this article by Rick Cook,
> "Alternate Data Streams: Threat or Menace:"
> 
> 
>        http://www.informit.com/articles/article.aspx?p=413685
> 
> (Threat or Menace?  Menace or Threat?  Or to quote Bugs Bunny/Daffy
> Duck, "Would you like to shoot me now or wait till you get home?"  :-)
> 
> I've heard stories of System Administrators refusing to upgrade past
> Solaris 8 because of concerns of attackers being able to use the
> alternate data streams feature which Sun unfortunately added in
> Solaris 9 to hide rootkits in ways that traditional scanning tools
> would not be able to detect.
> 
> I've yet to see a coherent argument for why multiple data streams is
> worth it....
> 
> 

Hey Ted,
I am a newbie to these filesystems, but I can see the positive sides of
these Alternate Data Streams (or multiple data streams) too; needless to
mention those.

If you look a bit deeper into it, from my perspective and the kind of
implementation I look forward to, here is what I have.

Access to a multiple data stream can be done through a file descriptor.
Applications can open the multiple data stream to get a file descriptor and
can do read(), write(), mmap(), etc. using the file descriptor. These system
calls would work as if they were operating on a regular file.
The multiple data streams of a file will be stored in a hidden named data
stream directory inode associated with the file. The hidden directory inode
for the file can be accessed only through the multiple data stream API.

Now, as the multiple data streams have their own associated inodes, we could
store the access permissions as well as the owner/group information in the
multiple data stream inode. This way the access control for the multiple
data stream can be governed by the permissions stored in the multiple data
stream inode.
We could have a model where we use the permissions on the parent file to
check the accessibility of the alternate data stream. It would also make
great sense to me if we just add a fallback to the kernel to decide whether
a user with particular credentials should be allowed to access/make changes
to these multiple data streams that are associated with the file.

To add more to it, any regular file can be created in a regular way but
whatever mechanism is used to create these multiple data streams associated
with the regular file will surely undergo a permission check by the
underlying OS or the filesystem.

Thanks & Regards,
SandeepKsinha.



> 
> 						- Ted
> 
> 
> Bugs Bunny: Would you like to shoot me now or wait 'til you get home?
> Daffy Duck: Shoot him now! Shoot him now!
> Bugs Bunny: You keep outta this! He doesn't have to shoot you now!
> Daffy Duck: He does SO have to shoot me now!
> [to Elmer]
> Daffy Duck: I demand that you shoot me now!
> [Elmer raises his gun. As Daffy sticks his tongue out at Bugs, he is shot] 
> 
> 
> Daffy Duck: Let'th run through that again.
> Bugs Bunny: Okay.
> [neutral toned]
> Bugs Bunny: Wouldja like to shoot me now or wait till ya get home.
> Daffy Duck: [neutral toned] Shoot him now, shoot him now.
> Bugs Bunny: [neutral toned] You keep outta dis, he doesn't hafta shoot you
> now.
> Daffy Duck: [with expression] HA! THAT'TH IT! HOLD IT RIGHT THERE!
> [to audience]
> Daffy Duck: Pronoun trouble.
> [to Bugs]
> Daffy Duck: It'th not "He doethn't have to shoot
> [pointing to Bugs]
> Daffy Duck: *you* now." It'th "He doethn't have to shoot
> [pointing to himself]
> Daffy Duck: *me* now."
> [with anger]
> Daffy Duck: Well, *I* thay he *does* have to shoot me now!
> [to Elmer]
> Daffy Duck: THO SHOOT ME NOW!
> [Elmer shoots him]

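The permission model Sandeep sketches above (each stream has its own inode carrying uid/gid/mode, kept in a hidden per-file stream directory; access is checked against the stream inode, with a fallback to the parent file's permissions; stream creation is itself gated by a permission check on the parent) can be exercised as a small user-space model. The following C program is an added example for this archive page, not code from the thread, from ext2/ext3/ext4 or from any kernel; the `struct file`/`struct inode` layout, the `NO_MODE` fallback marker, the function names and the sample file are all constructed assumptions. It also includes an enumeration helper, because the concern Ted raises (streams hidden from scanning tools) is only addressed if every stream is discoverable by an auditor.

```c
/* Toy user-space model of the per-stream access-control design discussed
 * in the thread. Constructed example; not ext4 code and not a real API. */
#include <stdio.h>
#include <string.h>
#include <stdbool.h>

#define MAY_READ  4
#define MAY_WRITE 2
#define MAY_EXEC  1
#define MAX_STREAMS 8
#define NO_MODE (-1)   /* assumption: stream inode carries no mode of its own */

struct cred { unsigned uid; unsigned gid; };

struct inode {
    char name[32];
    unsigned uid, gid;
    int mode;           /* rwxrwxrwx bits (octal), or NO_MODE */
};

struct file {
    struct inode self;                 /* the regular file's own inode */
    struct inode streams[MAX_STREAMS]; /* the hidden stream directory */
    int nstreams;
};

/* Classic owner/group/other DAC check on a single inode. */
static bool inode_permission(const struct inode *ino, const struct cred *c, int want)
{
    int bits;
    if (c->uid == 0) return true;        /* root bypasses DAC in this model */
    if (c->uid == ino->uid)      bits = (ino->mode >> 6) & 7;
    else if (c->gid == ino->gid) bits = (ino->mode >> 3) & 7;
    else                         bits = ino->mode & 7;
    return (bits & want) == want;
}

static const struct inode *find_stream(const struct file *f, const char *name)
{
    for (int i = 0; i < f->nstreams; i++)
        if (strcmp(f->streams[i].name, name) == 0) return &f->streams[i];
    return NULL;
}

/* Access check for an alternate stream: the stream inode decides when it
 * has a mode of its own; otherwise fall back to the parent file's mode. */
bool stream_permission(const struct file *f, const char *stream,
                       const struct cred *c, int want)
{
    const struct inode *s = find_stream(f, stream);
    if (!s) return false;                       /* unknown stream: deny */
    if (s->mode != NO_MODE) return inode_permission(s, c, want);
    return inode_permission(&f->self, c, want);
}

/* Creating a stream is gated by write permission on the parent file. */
bool stream_create(struct file *f, const char *name, const struct cred *c, int mode)
{
    if (f->nstreams >= MAX_STREAMS || find_stream(f, name)) return false;
    if (!inode_permission(&f->self, c, MAY_WRITE)) return false;
    struct inode *s = &f->streams[f->nstreams++];
    snprintf(s->name, sizeof s->name, "%s", name);
    s->uid = c->uid; s->gid = c->gid; s->mode = mode;
    return true;
}

/* Auditing aid: enumerate every stream so none is hidden from a scanner. */
int stream_list(const struct file *f, const char *out[], int max)
{
    int n = 0;
    for (int i = 0; i < f->nstreams && n < max; i++) out[n++] = f->streams[i].name;
    return n;
}

/* Constructed sample: a 0640 file owned by uid/gid 1000 with two streams. */
struct file make_sample(void)
{
    struct file f;
    memset(&f, 0, sizeof f);
    snprintf(f.self.name, sizeof f.self.name, "report.txt");
    f.self.uid = 1000; f.self.gid = 1000; f.self.mode = 0640;
    struct cred owner = { 1000, 1000 };
    stream_create(&f, "summary", &owner, 0600);     /* owner-only stream */
    stream_create(&f, "notes",   &owner, NO_MODE);  /* inherits parent's 0640 */
    return f;
}

int main(void)
{
    struct file f = make_sample();
    struct cred grp = { 1001, 1000 };   /* same group, different user */
    const char *names[MAX_STREAMS];
    int n = stream_list(&f, names, MAX_STREAMS);
    for (int i = 0; i < n; i++)
        printf("%s:%s read=%d write=%d\n", f.self.name, names[i],
               stream_permission(&f, names[i], &grp, MAY_READ),
               stream_permission(&f, names[i], &grp, MAY_WRITE));
    return 0;
}
```

Running it lists both streams of the sample file with the group member's effective rights: the `summary` stream (mode 0600 on its own inode) is unreadable to the group member even though the parent file is group-readable, while `notes` (no mode of its own) falls back to the parent's 0640 and is readable but not writable. The enumeration step is the part a defender cares about: a stream directory that is reachable only through a dedicated API still has to be walkable by integrity checkers and scanners, or the feature hides data exactly the way the quoted article warns.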