intercepting system calls

From: David Wagner (dawat_private)
Date: Thu Apr 12 2001 - 18:07:59 PDT

Next message: David Wagner: "Specifications (the beginning)"

Previous message: David Wagner: "intercepting system calls"
In reply to: Jesse Pollard: "intercepting system calls"
Next in thread: David Wagner: "intercepting system calls"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Jesse Pollard  wrote:
>have to mediate mmap too.

Why?  In Janus, we pushed all these checks to open().
[For instance, mmap() won't lead you write to a file opened read-only.]

Probably I'm overlooking something.  I'd love to be enlightened.

>Part of the difficulty is in determining what is/should be part of the
>security context.

Why?  This should be up to the module to decide for itself what
is relevant to its particular policy.  What am I missinng?

Next message: David Wagner: "Specifications (the beginning)"
Previous message: David Wagner: "intercepting system calls"
In reply to: Jesse Pollard: "intercepting system calls"
Next in thread: David Wagner: "intercepting system calls"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:15:27 PDT