* David Wagner <dawat_private> [010412 18:02]: > It seems that there's a natural way to attach state to a process. Add a > 'security_state' field to the task_struct which contains a pointer > to a linked list of 'void *' pointers (one per module interested in > this process). Allow modules to register hooks on process creation and > deletion to allocate and de-allocate any memory needed. Provide a way > for a module to get and set a 'void *' pointer to be associated with > a process. What would happen to the security_state field in the task_struct for processes already running before the module is loaded? Would the module, during load, iterate through all processes and update their security pointers? Would the module, during unload (is unloading something we really want to support? :), iterate through all processes and return the security handler information a null or default state? Or, could the security_state field in each process be unique? (Would it be a linked list to other security modules that were in effect when the process was forked? This would allow each security module to be consulted in turn..) :) -- Earthlink: The #1 provider of unsolicited bulk email to the Internet.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:15:28 PDT