Re: 2001_05_09 patch against 2.4.4

From: Greg KH (gregat_private)
Date: Thu May 10 2001 - 20:51:47 PDT

  • Next message: jmjonesat_private: "LSM Benchmarks -- lsm-2001_05_09"

    On Thu, May 10, 2001 at 10:58:54PM +0100, Chris Evans wrote:
    > 2) I see, currently, that syscalls are not hooked in a generic manner.
    > From exceptionally brief scanning of the archives, this seems to be a
    > debated point.
    > Are there plans to hook syscalls? If not, I can make a very strong
    > argument to do so. Let me know if you want to hear it.
    Do you want to hook syscalls in a different manner than the current
    ability to hook them (messing with the syscall table which LSM doesn't
    effect)?  Or are you wanting a hook in the security table structure for
    every individual call?
    The current scheme is to control access to the kernel's core data
    structures.  Some of this requires hooks in syscalls, other places this
    does not (the whole networking hook system will not be near the single
    network syscall, from what I think Chris W. has in mind.)
    Which reminds me, we need to add the "security" syscall to the system,
    I'll look into that tomorrow.
    greg k-h
    linux-security-module mailing list

    This archive was generated by hypermail 2b30 : Thu May 10 2001 - 21:51:33 PDT