def cb_check_file_write_link (s1, s2): if s1.belongs_to([SYS_stat, SYS_stat64]): return True if s1.is_a(SYS_access) and \ s1.mode != fcntl.W_OK and s1.mode != fcntl.F_OK: return False if s2.is_a(SYS_open): return fcntl.has_W(s2.flag) return True
def link_attack_generator(s1, s2): if (s2.is_a(SYS_open) and fcntl.has_W(s2.flag)) or s2.is_a(SYS_truncate): key = 'mtime' elif (s2.is_a(SYS_open) and fcntl.has_R(s2.flag)) or s2.is_a(SYS_execve): key = 'atime' elif s2.is_a(SYS_chmod): key = 'mode' elif s2.is_a(SYS_chown): key = 'owner' elif s2.is_a(SYS_link): key = 'ino' else: assert False, 'The system call is not handled' return '%s %s' % (syscalls.get_resource_path(s2), key)