On Thu, 2005-06-09 at 17:31 +0100, antoine wrote:
> > > Now, if someone could have a look at hppfs I could resurect my
> > > honeypots.
> > I've not the time, however test the attached patches. The first one fixes 
> > the 
> > basical bugs; the second one could be needed to fix a fd leak... but I 
> > don't 
> > think it's needed at all, so test with only the first and let me know if 
> > the 
> > 2nd is needed, or if there are any problems (in that case, a ready-to-use 
> > hppfs configuration + explaination would be happily accepted, I've really 
> > little time now).
> Works fine with just the first patch. Thank you very much!
Small correction: local file override works fine (files in the host's
fake proc appear in the guest's /proc) but I can't get the honeypot.pl
script to interact with it. 
So for now, I'll have to hardcode all the values I want to hide and hope
that no software is going to rely on them.

I've used the one that was previously working:

#
# Copyright (C) 2002, 2003 Jeff Dike ([EMAIL PROTECTED])
# Licensed under the GPL
#

use hppfs;
use hppfslib;
use strict;

my $dir;

@ARGV and $dir = $ARGV[0];

my $hppfs = hppfs->new($dir);

my $remove_filesystems = remove_lines("hppfs", "hostfs");
my $remove_mtd_nbd_ubd = remove_lines("mtd", "nbd", "ubd");

# Need to be able to add directories, i.e. driver, bus/pci
# partitions needs work
# slabinfo if UML ever uses the slab cache for anything

$hppfs->add("dma" => proc("dma"),
            "devices" => remove_lines("ubd"),
            "exitcode" => "remove",
            "diskstats" => "remove",
            "devices" => $remove_mtd_nbd_ubd,
            "filesystems" => $remove_filesystems,
            "interrupts" => "remove",
            "iomem" => proc("iomem"),
            "mm" => "remove",
            "ioports" => proc("ioports"),
            "kcore" => "remove",
            "mounts" => $remove_filesystems,
            "misc" => "remove",
            "pid/mounts" => $remove_filesystems,
            "partitions" => "remove",
            "stat" => proc("stat"),
            "uptime" => proc("uptime"),
            dup_proc_dir("bus", $dir) );

$hppfs->handler();




-------------------------------------------------------
This SF.Net email is sponsored by: NEC IT Guy Games.  How far can you shotput
a projector? How fast can you ride your desk chair down the office luge track?
If you want to score the big prize, get to know the little guy.  
Play to win an NEC 61" plasma display: http://www.necitguy.com/?r=20
_______________________________________________
User-mode-linux-devel mailing list
User-mode-linux-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel

Reply via email to