Re: Hooking into Linux using the Linux Trace Toolkit

Previous message: Huagang Xie: "Re: ideas on interface (was Be careful please)"
In reply to: Karim Yaghmour: "Hooking into Linux using the Linux Trace Toolkit"
Next in thread: Karim Yaghmour: "Re: Hooking into Linux using the Linux Trace Toolkit"
Next in thread: Greg KH: "Re: Hooking into Linux using the Linux Trace Toolkit"
Reply: Karim Yaghmour: "Re: Hooking into Linux using the Linux Trace Toolkit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

xieat_private

> 
> That being said, I've since added an event-driven state machine
> engine which can be provided with a state machine descriptions
> who's progression is dictated by the events that occur.
> This could easily be used to implement strict security
> policies.

The state machine is very interesting, may be we can trace a sequence
system call to check if it is illegal or harmful to the system. Like an
IDS..;-).. 

I think the state machin will be very useful to be as a part of
"Decider" which phil said..

-Huagang.
> 
> Cheers,
> 
> Karim
> 
> ===================================================
>                  Karim Yaghmour
>                karymat_private
>       Embedded and Real-Time Linux Expert
> ===================================================
> 
> _______________________________________________
> linux-security-module mailing list
> linux-security-moduleat_private
> http://mail.wirex.com/mailman/listinfo/linux-security-module
> 

-- 
Happy Hacking

LIDS secure linux kernel
http://www.lids.org/

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module