Is Mac System Integrity Protection defined within the sys/stat.h

I've done some hunting around on the internet and have not found a good way of programmatically determining if a given file has integrity detection turned on.

I noticed that, unlike most Linux headers I have run across, Darwin doesn't define their st_mode bits in the stat struct defined in /sys/stat.h. It seems like the best way to implement this would be to work off the existing sys/stat.h header; however, it's obvious why they would not want to be open about it. Has anyone looked into this more?

Edit

Based on Ken Thomases' suggestion, my if check looks like this. Looking at the comments in the source, it appears as though this should work; however, it is still attempting to enter directories such as "/Users/<USER>/Library/IdentityServices", causing a segmentation fault. FYI, I have tested it with and without preprocessor IFDEF statements.

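// Descend only into directories that are not SIP-restricted and that are
// readable and searchable (r-x) for other, for the group, or for the owner.
if(
  (entry->d_type == DT_DIR)
    && ((fileStat.st_flags & SF_RESTRICTED) == 0)
    // 5 == 0005: S_IROTH | S_IXOTH
    && (((fileStat.st_mode & 5) == 5)
      // 40 == 0050: S_IRGRP | S_IXGRP
      || (((fileStat.st_mode & 40) == 40)
        && (fileStat.st_gid == userHomeStat.st_gid))
      // 320 == 0500: S_IRUSR | S_IXUSR
      || (((fileStat.st_mode & 320) == 320)
        && (fileStat.st_uid == userHomeStat.st_uid))))
 {
   std::cout << "Descending into --> " << fullPath.c_str() << std::endl;
   packIndexFrom((fullPath).c_str());
 }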

EDIT

 https://developer.apple.com/library/archive/documentation/Security/Conceptual/System_Integrity_Protection_Guide/FileSystemProtections/FileSystemProtections.html#//apple_ref/doc/uid/TP40016462-CH2-SW1 

I found this on Apple's website. It seems to indicate that the $HOME/Library area, which is where I am getting hung up, falls under some type of restriction, with exclusive r/w access for developers. Doesn't solve my problem, unfortunately.

Edit

Dans-MBP:tmp mreff555$ cd ~/Library/IdentityServices/
Dans-MBP:IdentityServices mreff555$ pwd
/Users/mreff555/Library/IdentityServices
Dans-MBP:IdentityServices mreff555$ ls
ls: .: Operation not permitted
Dans-MBP:IdentityServices mreff555$ 

Dans-MBP:IdentityServices mreff555$ ls -ldO ~/Library/IdentityServices
drwxr-xr-x  9 mreff555  staff  - 288 Apr 14 10:04 /Users/mreff555/Library/IdentityServices

There are flags that are separate from the mode flags. You're looking for the SF_RESTRICTED flag in the st_flags field of struct stat. That flag is, in fact, defined in sys/stat.h.

The mode flags (e.g. S_IRUSR) are defined in sys/_types/_s_ifmt.h, which is indirectly included by sys/stat.h.
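As an added example (not code from the question or the answer), the code below walks a tree, skips anything with SF_RESTRICTED set in st_flags, and also checks the result of opendir, since the terminal session above shows a directory with ordinary mode bits and no flags that still returns "Operation not permitted". The names isRestricted, WalkResult and walk are hypothetical, and the flag check is compiled only on Darwin.

```cpp
// Added example: flag check plus error-checked descent. All names are hypothetical.
#include <sys/stat.h>
#include <dirent.h>
#include <cerrno>
#include <cstring>
#include <iostream>
#include <string>
#include <vector>

// True when the SIP "restricted" flag is set. st_flags and SF_RESTRICTED are
// Darwin-specific, so other platforms compile this to "never restricted".
static bool isRestricted(const struct stat &st) {
#if defined(__APPLE__) && defined(SF_RESTRICTED)
    return (st.st_flags & SF_RESTRICTED) != 0;
#else
    (void)st; return false;
#endif
}

struct WalkResult {
    std::vector<std::string> entered;  // directories opened successfully
    std::vector<std::string> skipped;  // flagged, missing, or refused by the kernel
};

void walk(const std::string &dir, WalkResult &out) {
    struct stat st;
    if (lstat(dir.c_str(), &st) != 0 || !S_ISDIR(st.st_mode) || isRestricted(st)) {
        out.skipped.push_back(dir);
        return;
    }
    DIR *d = opendir(dir.c_str());
    if (d == nullptr) {                // e.g. EPERM or EACCES: record it, do not use d
        int err = errno;
        std::cerr << dir << ": " << std::strerror(err) << "\n";
        out.skipped.push_back(dir);
        return;
    }
    out.entered.push_back(dir);
    while (struct dirent *e = readdir(d)) {
        std::string name = e->d_name;
        if (name == "." || name == "..") continue;
        std::string child = dir + "/" + name;
        // lstat rather than d_type: d_type can be DT_UNKNOWN; symlinks are not followed
        if (lstat(child.c_str(), &st) == 0 && S_ISDIR(st.st_mode)) walk(child, out);
    }
    closedir(d);
}

int main(int argc, char **argv) {
    WalkResult r; walk(argc > 1 ? argv[1] : ".", r);
    std::cout << r.entered.size() << " entered, " << r.skipped.size() << " skipped\n";
}
```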
