3

In order to add some security measure for Linux kernel I am trying to add extra flags in the inode structure.

A system call would check this flag if its set for a certain file.

So how can I access the inode structure (through a pointer probably) of a file knowing its directory &/or its inode number?

hkassir72
  • 135
  • 10
  • 1
    Are you sure you don't just need SELinux, or maybe even ACLs? – depquid May 07 '13 at 15:57
  • Yes you should really be looking at SELinux if you're attempting to add security for process & file system interactions. That project has extensive capabilities and it's been hardened for several years! – slm May 07 '13 at 18:02

1 Answers1

2

SELinux provides hooks to add checks based on inode access. Check out this link titled: Inode Hook Functions.

excerpt

The SELinux inode hook function implementations manage the security fields of inode structures and perform access control for inode operations. Since inodes are used to represent pipes, files, and sockets, the hook functions must handle each of these abstractions. Furthermore, these hooks must handle multiple filesystem types, including both conventional disk-based filesystems like ext3 and pseudo filesystems like proc and tmpfs. This section begins by describing the inode hook functions for managing the security fields. It then discusses the inode hook functions for performing access control.

Here's a good tutorial on getting started with SELinux.

References

slm
  • 15,396
  • 12
  • 109
  • 124