Directory Watcher
Directory Watcher was written to aid in the discovery of race conditions. It has multiple speed settings, the fastest of which can even catch a successive link() unlink(). It also has the ability to filter files based on user, group, suid bit, and wildcard (*?) file names.
| Tags | Security |
|---|---|
| Licenses | GPL |
| Operating Systems | POSIX Linux |
| Implementation | C++ |
Recent releases
- 08 Jul 2001 01:08
No changes have been submitted for this release.
Recent comments
Re: Another one
> Directory watcher looks a lot like
> Eliott :
>
>
> Eliott is more agressive and faster
> because it uses the dnotify API. But it
> only works with Linux.
I had not previously seen/heard of Elliot. However, during a comparison Elliot was unable to detect the following file creations, which is what I originally wrote this program for, to aid me in the hackerslab contest last year.
#include <stdio.h>
#include <unistd.h>
int main(int argc, char **argv)
{
unlink("tmp/1");
symlink("tmp/2", "tmp/1");
unlink("tmp/1");
unlink("tmp/a_file");
symlink("tmp/a_link", "tmp/a_file");
unlink("tmp/a_file");
unlink("tmp/another_file");
symlink("tmp/another_link", "tmp/another_file");
unlink("tmp/another_file");
}
Another one
Directory watcher looks a lot like Eliott :
www.jedi.claranet.fr/e... (www.jedi.claranet.fr/e...)
Eliott is more agressive and faster because it uses the dnotify API. But it only works with Linux.
pedram
06 Jul 2001 23:39
Heartbeat
- Popularity Score
- 9.00
- Vitality Score
- 1.00
- Subscriptions
- 0
