Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 1 year ago.
Improve this question
I want to intercept every write system call and modify the data of write syscall when the syscall is directed towards some specific file otherwise do original write syscall.
Now from where I can modify the write syscall. Also, I want the name of the file to which syscall is directed how can I get that from the file descriptor argument in write syscall.
I have tried the LD_PRELOAD trick but it only works on the library calls not on syscalls.
I am using ubuntu 18.04.
I would suggest you to write own small device driver (I suggest to look at simple misc device driver). So you will have a file, where you implement the write/read/open/close syscalls. This way you can keep the file in /dev/ filesystem and you 'intercept' all operations on the file misc dev example. If you don't want to implement everything in the kernel space you can take a look to the FUSE driver (you simply mount the fuse filesystem somewhere in the fs and you can also control the file operations but from the userspace now) fuse docs or fuse example
Related
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 2 years ago.
Improve this question
I know that usb packets have a very specific format, but I would like to write those packets my self, I know that usb_control_msg is kind of an interface to control packets, but this function is already responsible from sending the setup_token, in/out token, and probably checks ACKS. How could I construct these packets myself and then sending them?
Seems like that what you want is to write your own usb host driver. I suggest you to try analyse existing usb host drivers (ehci/xhci) and then try to write your own driver, but be aware of this that this is not easy task to do. Notice also that it is not possible to exist more that one driver for given usb host controller (ehci/xhci). If you really want to do those things you need to know perfectly both: USB protocol and ehci/xhci specification which may take a lot of time. Also strong experience in writing Linux drivers is required. As I said it is not easy task.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
There is a program that scans the memory of my machine to find what programs I am using. I want to avoid this.
Is there any solution to forbid this other program from checking my memory, so it will only see its own memory?
I'm using windows.
The only way I know of for one process to read another process's memory is via ReadProcessMemory(), which requires the reading process to use OpenProcess() to obtain PROCESS_VM_READ permission to the process being read. So, presumably that is succeeding, which means the reading process has adequate permission to access your app's memory, such as if the reading app is running as an admin, or is a debugger. In which case, there is not much your app can do to block it, except either alter its own security descriptor via SetSecurityInfo() (but OpenProcess() allows debuggers to bypass that descriptor and gain full access), or set your app to run with a higher integrity level (Vista and later only) than the reading app uses so that PROCESS_VM_READ permission is denied.
Refer to MSDN for more details:
Process Security and Access Rights
I always use the sandbox that comes with Avast Antivirus (www.avast.com). It allows you to run applications in a completely isolated environment.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
I want to execute c++ binary in terminal without inputting "./a.out", just typing "a.out"
In my school's PC(solaris10), I can just type a.out and the program executed. However, on my PC's solaris11 doesn't accept just "a.out".
I believe there is a way to make it possible. If you know, please tell me.
If possible, I want to know the instruction fo solaris, Ubuntu and macOS X, because I usually use Ubuntu and mac.
Thanks in advance!!
It sounds, like the PATH variable has been set to include the home directory at your schools PC. You see, each time you enter a command without a path, it searches your entire PATH (which can consist of multiple paths) for something that matches the filename you supplied and executes the first thing it finds.
Check this link for some instructions: http://www.troubleshooters.com/linux/prepostpath.htm
Either you do a temporary fix, with
PATH=$PATH:/data/myscripts
or you edit the hidden file .bash_profile in your home directory for a more permanent fix.
I hope this helps.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
Is there any way to block access to some particular file or folder in MacOS X, so that it can be protected by password, system-wide?
I want to use it in Cocoa based program, but before that I just want to know at least general possible methods of accomplishing it.
As far as I know POSIX file access system doesn't allow to protect something with password.
I was thinking about creating additional user account with dedicated password and then setting this user as an owner of a file with chmod. In terminal it seemed to work, but that is quite bad way, I think, since that is a sort of permission problem. And you need to change user in terminal for that. I don't think that can be done if one wants to access it through regular application like Finder.
So does anybody know better ways?
To create a password protected "folder" you can use an encrypted disk image and mount it at the location you require the folder. The command hdiutil can be used to create, mount, unmount etc. such disk images. Use the the -plist option to easily drive the hdiutil command from Objective-C.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 4 years ago.
Improve this question
Is it possible, in a Windows batch file, to test if a certain drive letter was mounted by TrueCrypt?
I think this is not possible. You could get much information with wmic logicaldisk but nothing will indicate that Truecrypt assigned the drive letter.
As an Idea: (for anyone still finding this post)
You could make this C# Script over at the post #18021118 (which accesses truecrypt to retrive mount information) (there is also a VeraCrypt version over there.) ...
into a commandline tool to be used from your windows batch (added a simple example here: http://github.com/BananaAcid/VeraCrypt-Cmd - replace the get mounts file with the one from the readme within)
or use it directly with powershell
or with an additional binary wich executes scripts on the windows NET Framework without compiling: cs-script.