Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   EXT3 Users (http://www.linux-archive.org/ext3-users/)
-   -   Unable to change the 'name' field from 'ext3_dir_entry_2' structure. (http://www.linux-archive.org/ext3-users/59376-unable-change-name-field-ext3_dir_entry_2-structure.html)

Theodore Tso 03-21-2008 11:38 AM

Unable to change the 'name' field from 'ext3_dir_entry_2' structure.
 
On Fri, Mar 21, 2008 at 05:46:57PM +0530, ashish mahamuni wrote:
> Hello everybody,
>
> I am trying to rename the file/directory by renaming the 'name' field from ext3_dir_entry_2 structure.
>
> I can easily do it for directories.
>
> I am reading the structure then I change this field, and writing it back as it is.
>
> New file name length will be similar as the old(just for simplicity).
>
> But whenever I do this for file. It doesn't do any thing.
>
> 'write' sys call gets execute properly. Next time if I read dir entry for this file it shows me older one.
>
> Am I doing anything wrong?

#1. *Why* are you trying to do this?

#2. Are you doing this on an unmounted filesystem? Or is the
filesystem mounted when you tried to modify the filesystem directly
using the write system call?

- Ted

_______________________________________________
Ext3-users mailing list
Ext3-users@redhat.com
https://www.redhat.com/mailman/listinfo/ext3-users

ashish mahamuni 03-22-2008 06:47 AM

Unable to change the 'name' field from 'ext3_dir_entry_2' structure.
 
1: I am trying to write a tool to hide a file/directory.
So I am changing the 'name' field to NULL.
Directories get hide properly. But nothing for file(Unable to change the 'name' field)

2: Of course filesystem is mounted.


--- On Fri, 21/3/08, Theodore Tso <tytso@MIT.EDU> wrote:

> From: Theodore Tso <tytso@MIT.EDU>
> Subject: Re: Unable to change the 'name' field from 'ext3_dir_entry_2' structure.
> To: "ashish mahamuni" <ashitpro@yahoo.co.in>
> Cc: ext3-users@redhat.com
> Date: Friday, 21 March, 2008, 6:08 PM
> On Fri, Mar 21, 2008 at 05:46:57PM +0530, ashish mahamuni
> wrote:
> > Hello everybody,
> >
> > I am trying to rename the file/directory by renaming
> the 'name' field from ext3_dir_entry_2 structure.
> >
> > I can easily do it for directories.
> >
> > I am reading the structure then I change this field,
> and writing it back as it is.
> >
> > New file name length will be similar as the old(just
> for simplicity).
> >
> > But whenever I do this for file. It doesn't do any
> thing.
> >
> > 'write' sys call gets execute properly. Next
> time if I read dir entry for this file it shows me older
> one.
> >
> > Am I doing anything wrong?
>
> #1. *Why* are you trying to do this?
>
> #2. Are you doing this on an unmounted filesystem? Or is
> the
> filesystem mounted when you tried to modify the
> filesystem directly
> using the write system call?
>
> - Ted


Unlimited freedom, unlimited storage. Get it now, on http://help.yahoo.com/l/in/yahoo/mail/yahoomail/tools/tools-08.html/


_______________________________________________
Ext3-users mailing list
Ext3-users@redhat.com
https://www.redhat.com/mailman/listinfo/ext3-users

Theodore Tso 03-22-2008 11:29 AM

Unable to change the 'name' field from 'ext3_dir_entry_2' structure.
 
On Sat, Mar 22, 2008 at 01:17:04PM +0530, ashish mahamuni wrote:
> 1: I am trying to write a tool to hide a file/directory.
> So I am changing the 'name' field to NULL.
> Directories get hide properly. But nothing for file(Unable to change the 'name' field)

So you're deliberately corrupting the filesystem. This wouldn't be
for some university class assignment, would it?

> 2: Of course filesystem is mounted.

Well, there's your problem. The name is cached in the kernel's dentry
cache. It won't necessarily work for directories, either, BTW. I
think you've just been getting lucky.

- Ted

_______________________________________________
Ext3-users mailing list
Ext3-users@redhat.com
https://www.redhat.com/mailman/listinfo/ext3-users

ashish mahamuni 03-23-2008 05:13 PM

Unable to change the 'name' field from 'ext3_dir_entry_2' structure.
 
ok..
I'll find some other way to hide the file/directory..
Can you suggest me the better and secure way to modify the dentry?
I mean, which one should I modify? On disk structure or kernel cache(I guess this is what we called as memory data structure).
Certainly this question is not only for dentry. The case should be common while modifying other data structures also.



--- On Sat, 22/3/08, Theodore Tso <tytso@MIT.EDU> wrote:

> From: Theodore Tso <tytso@MIT.EDU>
> Subject: Re: Unable to change the 'name' field from 'ext3_dir_entry_2' structure.
> To: "ashish mahamuni" <ashitpro@yahoo.co.in>
> Cc: ext3-users@redhat.com
> Date: Saturday, 22 March, 2008, 5:59 PM
> On Sat, Mar 22, 2008 at 01:17:04PM +0530, ashish mahamuni
> wrote:
> > 1: I am trying to write a tool to hide a
> file/directory.
> > So I am changing the 'name' field to NULL.
> > Directories get hide properly. But nothing for
> file(Unable to change the 'name' field)
>
> So you're deliberately corrupting the filesystem. This
> wouldn't be
> for some university class assignment, would it?
>
> > 2: Of course filesystem is mounted.
>
> Well, there's your problem. The name is cached in the
> kernel's dentry
> cache. It won't necessarily work for directories,
> either, BTW. I
> think you've just been getting lucky.
>
> - Ted


Save all your chat conversations. Find them online at http://in.messenger.yahoo.com/webmessengerpromo.php


_______________________________________________
Ext3-users mailing list
Ext3-users@redhat.com
https://www.redhat.com/mailman/listinfo/ext3-users

Theodore Tso 03-23-2008 11:19 PM

Unable to change the 'name' field from 'ext3_dir_entry_2' structure.
 
On Sun, Mar 23, 2008 at 11:43:02PM +0530, ashish mahamuni wrote:
>
> ok..
> I'll find some other way to hide the file/directory..
> Can you suggest me the better and secure way to modify the dentry?
> I mean, which one should I modify? On disk structure or kernel cache(I guess this is what we called as memory data structure).
> Certainly this question is not only for dentry. The case should be common while modifying other data structures also.

So what's the high level problem? *Why* are you trying to hide file
names or directories?

I repeat, is this for a university problem set or project?

Or is there a practical real-life use for it. If so, *what* is the
practical real-life use? What are you trying accomplish at the high
level, and why is it useful to try to hide filenames or directories?

Is this for a root kit, where you are trying to write malware?

- Ted

_______________________________________________
Ext3-users mailing list
Ext3-users@redhat.com
https://www.redhat.com/mailman/listinfo/ext3-users

ashish mahamuni 03-24-2008 05:42 AM

Unable to change the 'name' field from 'ext3_dir_entry_2' structure.
 
Oh sir,
This is not any university problem set or project.
It really dont have any practical real-life use.
This is not a root kit or any malware.

I just want to learn the file system(ext2/ext3).
I know there are number of books on filesystem,but my way of learning is bit different. I don't like thearotical ways. I like practical implementions.
So I thought why not to start with some little tool like hiding file.
If you don't like my idea,then suggest me somthing different which has some practical use.

Thanks
Ashish


--- On Mon, 24/3/08, Theodore Tso <tytso@MIT.EDU> wrote:

> From: Theodore Tso <tytso@MIT.EDU>
> Subject: Re: Unable to change the 'name' field from 'ext3_dir_entry_2' structure.
> To: "ashish mahamuni" <ashitpro@yahoo.co.in>
> Cc: ext3-users@redhat.com
> Date: Monday, 24 March, 2008, 5:49 AM
> On Sun, Mar 23, 2008 at 11:43:02PM +0530, ashish mahamuni
> wrote:
> >
> > ok..
> > I'll find some other way to hide the
> file/directory..
> > Can you suggest me the better and secure way to modify
> the dentry?
> > I mean, which one should I modify? On disk structure
> or kernel cache(I guess this is what we called as memory
> data structure).
> > Certainly this question is not only for dentry. The
> case should be common while modifying other data
> structures also.
>
> So what's the high level problem? *Why* are you trying
> to hide file
> names or directories?
>
> I repeat, is this for a university problem set or project?
>
> Or is there a practical real-life use for it. If so,
> *what* is the
> practical real-life use? What are you trying accomplish at
> the high
> level, and why is it useful to try to hide filenames or
> directories?
>
> Is this for a root kit, where you are trying to write
> malware?
>
> - Ted


Did you know? You can CHAT without downloading messenger. Go to http://in.messenger.yahoo.com/webmessengerpromo.php/


_______________________________________________
Ext3-users mailing list
Ext3-users@redhat.com
https://www.redhat.com/mailman/listinfo/ext3-users


All times are GMT. The time now is 12:17 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.