Skip to content

Configurable targeting strategies #9

New issue
New issue
Open
Open
Configurable targeting strategies#9
Assignees
hmwildermuth
Labels
enhancementNew feature or requestkernel-independenceMaking KRF work on non-Linux kernels
@woodruffw

Description

@woodruffw
woodruffw
opened on Jun 6, 2019

Right now, KRF can only target a process based on its personality(2) mask. This works really well, but we should support other techniques.

Candidate techniques (not exhaustive):

  • PID (or list of PIDs)
  • GID (or list of GIDs)
    • A very early version of KRF did this, and it worked fine. We should re-add it.
  • Processes that have a given file/file-like object open

Since we're operating in user context during a syscall, we should be able to target on anything present in task_struct. There's probably additional context we can safely test.

Doing this will also give us a nice interface for writing a kernel-independent targeting system, which will help with #8.

Metadata

Metadata

Assignees

Labels

enhancementNew feature or requestkernel-independenceMaking KRF work on non-Linux kernels

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions