------- =_aaaaaaaaaa0 Content-Type: text/x-pgp; charset="us-ascii" Content-ID: <22906.791264012.1@merde.dis.org> Content-Description: Pgp signed cleartext -----BEGIN PGP SIGNED MESSAGE----- Here is a program that does some of what der Mouse's device driver does but runs as program that edits /dev/kmem to disable the device /dev/vd. I did what can to bullet proof the code so that it does not stomp on the wrong device driver. Written and tested under 4.1.3u1 -Pete shipley@dis.org -----BEGIN PGP SIGNATURE----- Version: 2.6 iQBVAwUBLym6sXynuL1gkffFAQG7FAH+MJ/fdxXDHsppsWTaBWJ78EnKlCRglK8w x1VF5tudzrqYPcc5alrulZJAUCNM3GTLReerHucxeROOqYjVKmAzCQ== =5xve -----END PGP SIGNATURE----- ------- =_aaaaaaaaaa0 Content-Type: text/plain; charset="us-ascii" Content-ID: <22906.791264012.2@merde.dis.org> Content-Description: noload.shar #! /bin/sh mkdir Noload cd Noload #! /bin/sh echo x - Makefile cat >Makefile <<'!E!O!F!' CC=gcc -Wall #CC=cc CFLAGS=-g -pipe noload: noload.o $(CC) -g -pipe -o $@ $@.o -lkvm yesload: yesload.o $(CC) -g -pipe -o $@ $@.o -lkvm clean: /bin/rm -f noload noload.o !E!O!F! #! /bin/sh echo x - README cat >README <<'!E!O!F!' noload.c by Peter Shipley <shipley@complete.dis.org> Fri Jan 27 03:02:59 PST 1995 inspired by a device driver by der Mouse <mouse@Collatz.McRCIM.McGill.EDU> This program disables and open and ioctl of /dev/vd thus blocking modload and modstat from from funtioning. The use of this is to disable people (crackers) from installing "unwanted" drivers. !E!O!F! #! /bin/sh echo x - noload.c cat >noload.c <<'!E!O!F!' /* noload.c by Peter Shipley */ /* Fri Jan 27 03:02:59 PST 1995 */ /* this program disables and open and ioctl of /dev/vd */ /* thus blocking modload from funtioning. */ /* inspired by a device driver by der Mouse <mouse@Collatz.McRCIM.McGill.EDU> */ #include <stdio.h> #include <kvm.h> #include <fcntl.h> #include <nlist.h> #include <sys/conf.h> static struct nlist nl[] = { { "_cdevsw" }, #define CDEVSW 0 { "_vdopen" }, #define VDOPEN 1 { "_vdclose" }, #define VDCLOSE 2 { "_nodev" }, #define NODEV 3 { "" }, }; #define nlsize (sizeof (nl) / sizeof (struct nlist)) #define VD 57 static char *kmemf, *swapf, *nlistf; static kvm_t *kvmp; static struct cdevsw cd; static struct cdevsw *cd_p; extern errno; int printf(); int fprintf(); void exit(); static debug=0; int main(ac, av) int ac; char *av[]; { int i; /* open the kmem device */ kvmp = kvm_open(nlistf, kmemf, swapf, O_RDWR, av[0]); /* if kvm_open had failed it would have printed at error string for us */ if(kvmp == NULL) { exit(1); } /* get the name list from the kernal */ i = kvm_nlist(kvmp, nl); /* test that we obtained the namelist we wanted */ if ( i > 0 ) { (void) fprintf(stderr, "%s: kvm_nlist failed to read all symbols, aborting...\n", av[0]); exit(1); } if (debug) { (void) printf("n_name = %s n_type=%x n_value=%x\n", nl[CDEVSW].n_name, nl[CDEVSW].n_type, nl[CDEVSW].n_value); (void) printf("n_name = %s n_type=%x n_value=%x\n", nl[VDOPEN].n_name, nl[VDOPEN].n_type, nl[VDOPEN].n_value); (void) printf("n_name = %s n_type=%x n_value=%x\n", nl[NODEV].n_name, nl[NODEV].n_type, nl[NODEV].n_value); } /* calc the address the the 57'th array index */ cd_p = &( ((struct cdevsw *) nl[0].n_value)[VD]); if(debug) { (void) printf("%x %x\n", (int) nl[0].n_value, (int) cd_p); } /* read in the 57'th index if cdevsw */ (void) kvm_read(kvmp, cd_p, &cd, sizeof(struct cdevsw)); /* test that we got the right one */ if( (caddr_t) cd.d_close != (caddr_t) nl[VDCLOSE].n_value ) { (void) fprintf(stderr, "%s: Error loadable modules interface driver no at index %d, aborting...\n", av[0], VD); exit(1); } /* test that we have not done this already */ if( (caddr_t) cd.d_open == (caddr_t) nl[NODEV].n_value ) { (void) fprintf(stderr, "%s: loadable modules interface driver has already been disabled, exiting..\n", av[0]); exit(1); } cd.d_open = (caddr_t) nl[NODEV].n_value; cd.d_ioctl = (caddr_t) nl[NODEV].n_value; /* update the entery in the character device table */ i = kvm_write(kvmp, cd_p, &cd, sizeof(struct cdevsw)); /* report the sucess of the write */ if (i == sizeof(struct cdevsw) ) { (void) printf("%s: loadable modules interface driver is now disabled\n", av[0]); } else { (void) printf("%s: write error occored while updating the character device table\n", av[0]); } /* it is safe to ignore the result of this operation */ (void) kvm_close(kvmp); exit(0); } !E!O!F! cd .. ------- =_aaaaaaaaaa0--