intercepting system calls

From: David Wagner (dawat_private)
Date: Thu Apr 12 2001 - 17:52:40 PDT

Next message: David Wagner: "intercepting system calls"

Previous message: David Wagner: "intercepting system calls"
In reply to: Scott Leerssen: "intercepting system calls"
Next in thread: David Wagner: "intercepting system calls"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Scott Leerssen  wrote:
>3) let process credentials follow objects involved in IPC, such as
>   sockets, semaphores, shared memory.  A simple void * on things such
>   as sk_buf would allow security devlepers to tag along security
>   attributes.

Yup, I like this quite a bit.

However, one slightly tricky bit is how to deal with incoming
messages before you know who the eventual recipient will be,
if your 'void *' depends on the recipient.  Any ideas how to
deal with this?  Does this come up in practice?  Can we punt?

Next message: David Wagner: "intercepting system calls"
Previous message: David Wagner: "intercepting system calls"
In reply to: Scott Leerssen: "intercepting system calls"
Next in thread: David Wagner: "intercepting system calls"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:15:27 PDT