On Thu, May 10, 2001 at 10:58:54PM +0100, Chris Evans wrote: > > > 2) I see, currently, that syscalls are not hooked in a generic manner. > From exceptionally brief scanning of the archives, this seems to be a > debated point. > Are there plans to hook syscalls? If not, I can make a very strong > argument to do so. Let me know if you want to hear it. Do you want to hook syscalls in a different manner than the current ability to hook them (messing with the syscall table which LSM doesn't effect)? Or are you wanting a hook in the security table structure for every individual call? The current scheme is to control access to the kernel's core data structures. Some of this requires hooks in syscalls, other places this does not (the whole networking hook system will not be near the single network syscall, from what I think Chris W. has in mind.) Which reminds me, we need to add the "security" syscall to the system, I'll look into that tomorrow. thanks, greg k-h _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Thu May 10 2001 - 21:51:33 PDT