Huagang Xie wrote:
> Hi,
>
> Based on the implementation of LIDS, I suggest the following functions to
> hook in LSM, some hookers do not cover in LIDS but I think it is necessary,

[ I guess most hookers don't cover, anywhere. ;-) ]

> such as Network and IPC,
>
> 0) Basic kernel service, sys_fork() and sys_execve()
>
> 1) Filesystem's Hook, LIDS intercepts the following functions,
> <1> open_namei() for checking sys_open(), LIDS does not check
> read()/write().
> <2> sys_rmdir(), sys_unlink(), sys_symlink(), sys_link(), sys_rename(),
> __namei(), sys_mknod(), sys_mkdir().
>
> <3> sys_truncate(), sys_access(), sys_fchmod(), sys_chmod(),
>
> 2) Capability Hooker, capable() in include/linux/sched.h.
> 3) Network Hooker, ....
> 4) IPC hooker, ...
> 5) more...
>
> I hope this may help, Any suggestion?

Just a general concern, which might be trivial. I'm not a kernel hacker, nor a
security expert, so bear with me please. ;-)

Hooking into every (security related) piece of kernel code obviously does
provide a framework, on top of which a security policy can be implemented, that
covers every kernel resource you might want to monitor or protect from
unauthorized use.

However, this does *not* offer complete protection. It might even introduce
vulnerabilities, 'cause if I can hook into the kernel to prevent something from
happening, my paranoid other half realizes that someone else could as well.

I can set all the permissions I want, but if someone thrashes my DNS, I'm
screwed. (So do we want to hook into signal() to catch segfaults?) If someone
takes an axe to my webserver, I'm screwed. (So do we want to hook into the
webcam driver so we can detect motions in the server room?)

Please don't think I'm ridiculing here. I'm just concerned that a lot of
so-called security measures are *not* secure or provide a false sense of
security. And: a lot of effort put into features that no-one will (or *should*)
use.

The French thought they'd be safe behind the Maginot line until they saw the
Germans coming from the other side.

So what *exactly* do we need to protect?

> Huagang
>
> --
> Happy Hacking

Cheers,
Buddy

PS: I realize that most of this has already been discussed here and there on
this list, most of the times more detailed, but I just want to rub your noses
in it and see what you think. ;-)

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module
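The hook list Huagang quotes above describes a mediation table: each kernel entry point he names (open_namei() behind sys_open(), sys_unlink(), capable()) consults a function pointer before doing its work. The following user-space model is an added illustration, not code from the post, from LIDS or from the LSM project. It shows why the default table must be permissive (an unhooked kernel keeps its old behaviour), how a module swaps in its own checks, and how a verdict is returned as 0 or a negative errno. The `struct security_ops` layout, `register_security()`/`unregister_security()`, the `/usr/` read-only policy and the sys_* wrappers are all constructed for this example; the capability numbers and O_WRONLY value are the Linux ones.

```c
/* Added illustration (constructed, not code from the post, LIDS or LSM):
 * a user-space model of a hook table behind sys_open(), sys_unlink() and
 * capable(). Hooks return 0 to permit or a negative errno to refuse. */
#include <errno.h>
#include <stdio.h>
#include <string.h>

#ifndef O_WRONLY
#define O_WRONLY 01          /* Linux open-flag value */
#endif
#define CAP_NET_ADMIN  12    /* Linux capability numbers */
#define CAP_SYS_MODULE 16

/* The hook table: one entry per mediation point (constructed layout). */
struct security_ops {
    int (*file_open)(const char *path, int flags);   /* open_namei() check */
    int (*inode_unlink)(const char *path);           /* sys_unlink() check */
    int (*capable)(int cap);                         /* capable() check   */
};

/* Default hooks: permit everything, so the "kernel" behaves as if unhooked. */
static int dummy_file_open(const char *path, int flags)
{
    (void)path; (void)flags;
    return 0;
}
static int dummy_inode_unlink(const char *path) { (void)path; return 0; }
static int dummy_capable(int cap) { (void)cap; return 0; }

static const struct security_ops default_ops = {
    dummy_file_open, dummy_inode_unlink, dummy_capable
};
static struct security_ops security_ops = {
    dummy_file_open, dummy_inode_unlink, dummy_capable
};

/* A LIDS-flavoured policy (constructed): files under PROTECTED may not be
 * opened for writing or unlinked, and CAP_SYS_MODULE is refused so the
 * policy cannot be removed by loading another module. */
#define PROTECTED "/usr/"

static int under_protected(const char *path)
{
    return strncmp(path, PROTECTED, strlen(PROTECTED)) == 0;
}
static int policy_file_open(const char *path, int flags)
{
    /* Only O_WRONLY is inspected here, to keep the example short. */
    if ((flags & O_WRONLY) && under_protected(path))
        return -EACCES;
    return 0;
}
static int policy_inode_unlink(const char *path)
{
    return under_protected(path) ? -EACCES : 0;
}
static int policy_capable(int cap)
{
    return cap == CAP_SYS_MODULE ? -EPERM : 0;
}

const struct security_ops policy_ops = {
    policy_file_open, policy_inode_unlink, policy_capable
};

/* Module (un)registration: swap the whole table in or out. */
void register_security(const struct security_ops *ops) { security_ops = *ops; }
void unregister_security(void) { security_ops = default_ops; }

/* Mediation points. A real syscall would continue after a 0 verdict;
 * here the hook's verdict is the whole result. */
int sys_open(const char *path, int flags)
{
    return security_ops.file_open(path, flags);
}
int sys_unlink(const char *path)
{
    return security_ops.inode_unlink(path);
}
/* Like the kernel's capable(): non-zero means the capability is granted. */
int capable(int cap)
{
    return security_ops.capable(cap) == 0;
}

int main(void)
{
    printf("no module: open /usr/bin/ls for write -> %d\n",
           sys_open("/usr/bin/ls", O_WRONLY));
    register_security(&policy_ops);
    printf("policy:    open /usr/bin/ls for write -> %d (EACCES is %d)\n",
           sys_open("/usr/bin/ls", O_WRONLY), -EACCES);
    printf("policy:    unlink /tmp/scratch -> %d\n", sys_unlink("/tmp/scratch"));
    printf("policy:    capable(CAP_SYS_MODULE) -> %d\n", capable(CAP_SYS_MODULE));
    unregister_security();
    return 0;
}
```

The point Buddy raises is visible in the model: the table is the single place where policy lives, so whoever can call `register_security()` (or overwrite the table directly) owns the policy, which is why the constructed module refuses CAP_SYS_MODULE once loaded. Refusing read()/write() mediation, as the quoted LIDS design does, is also a deliberate trade: the open-time check is cheaper, but a descriptor obtained before the module loaded is never re-examined.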
This archive was generated by hypermail 2b30 : Wed Apr 18 2001 - 03:44:59 PDT