buddy wrote: > However, this does *not* offer complete protection. It might even > introduce vulnerabilities, 'cause if I can hook into the kernel to prevent > something from happening, my paranoid other half realizes that someone > else could as well. > > I can set all the permissions I want, but if someone thrashes my DNS, > I'm screwed. (So do we want to hook into signal() to catch segfaults?) > If someone takes an axe to my webserver, I'm screwed. (So do we want > to hook into the webcam driver so we can detect motions in the server room?) I think you're missing the concept. You need root privileges to be able to load modules. Many of the security modules will actually disable further module loading and unloading. So once your machine is booted and running the security module of your choice, the LSM interface does not present an additional threat, regardless of what someone does to (say) your DNS server. Crispin P.S. My thanks to Huagang for actually providing the spec of desired hooks for LIDS. That's what we really need to be discussing here. -- Crispin Cowan, Ph.D. Chief Scientist, WireX Communications, Inc. http://wirex.com Security Hardened Linux Distribution: http://immunix.org _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Wed Apr 18 2001 - 10:13:53 PDT