> -----Original Message----- > From: Yin, Kangkai > Sent: Monday, January 06, 2014 7:48 PM > To: Schaufler, Casey > Cc: Yin, Kangkai; Yang, Chengwei; [email protected] > Subject: Re: [Dev] Important Tizen 3 package installation details! > > On 2014-01-07, 00:11 +0800, Schaufler, Casey wrote: > > > -----Original Message----- > > > From: [email protected] > > > [mailto:[email protected]] On Behalf Of Yin Kangkai > > > Sent: Monday, January 06, 2014 5:51 AM > > > To: Yang, Chengwei > > > Cc: [email protected] > > > Subject: Re: [Dev] Important Tizen 3 package installation details! > > > > > > On 2014-01-06, 19:57 +0800, Yang Chengwei wrote: > > > > On Mon, Jan 06, 2014 at 12:20:07PM +0100, Patrick Ohly wrote: > > > > > On Mon, 2014-01-06 at 18:11 +0800, Yang Chengwei wrote: > > > > > > On Thu, Jan 02, 2014 at 10:48:16PM +0000, Schaufler, Casey wrote: > > > > > > > You can change the Smack label of your process to “_” by: > > > > > > > > > > > > > > > > > > > > > > > > > > > > # echo _ > /proc/self/attr/current > > > > > > > > > > > > Isn't the /proc/self point to the current "echo" process? > > > > > > > > > > Not always. This relies on echo being a builtin command of the > > > > > current shell, so the command really does change the label of > > > > > the current shell process when using e.g. bash. > > > > > > > > Oh, yes, there is a builtin echo in bash, so echo always the > > > > builtin one rather the one from coreutils. Thanks! > > > > > > Hi, even echo is not the builtin one, > > > > > > # echo _ > /proc/self/attr/current > > > > > > will still change the shell label, because it's shell/bash open the > > > /proc/self/attr/current, not /bin/echo. that's my understanding. > > > > Run the experiment! > > > > It does need to be the builtin. The fork() occurs before the > > redirection in the shell, so the process that opens > > /proc/self/attr/current is the one that exec()s /bin/echo, not the one > > the remains the shell. > > Thanks for the correction. I run the test, and you're right, it needs to be > the > builtin echo. > > I was mislead by some googled article [1], and thought fork() happens after > open() :) > > Also tried to read the bash code and did some experiments, it's too hard for > my brain to understand the code there... give up :p
No worries. I understand. The original Bourne shell (sh) was written using macros so that the C code would look like ALGOL68. No one was ever tempted to write a program in ALGOL68 after that. You are not expected to read the code for command interpreters or text processors (e.g. nroff). Doing so can cause irreparable damage that can lead you to think that working in security is a good idea. > Thanks, > Kangkai > > [1]: http://www.sarathlakshman.com/2012/09/24/implementation- > overview-of-redirection-and-pipe-operators-in-shell/ _______________________________________________ Dev mailing list [email protected] https://lists.tizen.org/listinfo/dev
