-
Notifications
You must be signed in to change notification settings - Fork 0
/
README
executable file
·37 lines (25 loc) · 2.15 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
ftransferd is a very simple file transfer daemon that only supports a client
downloading files from the server. The protocol used in the daemon consists of
sending a username and a file name to be requested. The daemon will look in a
directory called public_ftransfer in the home directory of the user specified
in the request for the file specified. The server does not do any form of
authentication so a client can request files from any user's home directory.
Files:
ftransfer.c - Client used for connecting to the ftransferd server. Syntax for
the command can be seen by just running it with no arguments.
ftransferd.c - ftransferd server described above.
ftransferd.init - init script to start and stop ftransferd. Allows us to
confine the domain as an init daemon.
Makefile - Top level make file. Has targets to make and install the client,
server, and policy.
policy/ - Directory holding policy for ftransferd
policy/ftransferd.fc - File contexts for ftransferd files. contains entries for
the server daemon, directories in the user's home directory, and the init
script.
policy/ftransferd.if - Interfaces associated with the ftransferd policy. This was autogenerated by sepolgen-gui. These interfaces are most likely not needed
policy/ftransferd.te - The main policy file containing all of the type enforcement rules. Most of this was generated by sepolgen-gui but the lines at the end pertaining to the user home directory files was added after the fact.
Types:
ftransferd_t: This type is the domain that the ftransferd server runs in. Most policy rules added will be against this type.
ftransferd_exec_t: This is the type applied to the ftransferd binary on disk. It is the only valid entry point type for the ftransferd_t domain.
ftransferd_initrc_exec_t: This is the type assigned to the init script. This allows us to write the proper transition rules so that when the ftransferd program is started as a service it runs as ftransferd_t with the correct user.
ftransferd_content_t: This is the file types assigned to the public_ftransfer directory and all files under it within the user's home directory. This is the only type that the ftransferd daemon is allowed to read.