On Tue, 15 May 2001 jmjonesat_private wrote:

> > Can you still think of a case where read/write hooking is necessary?
>
> Suppose there's a crack that replaces the task's code at some point after
> the file is opened? Subsequently, a sensitive file (e.g. /etc/passwd) may
> be compromised during a read or write from what apparently is a valid

A very good point. To see the way I'd like to see this solved, consider "netscape" - surely a likely candidate for "a crack that replaces the task's code at some point" :-)

The netscape process should be started with security restrictions in place - i.e. it should not get the chance to open anything remotely "sensitive" (read /etc/passwd, write the user's .rhosts etc). It should only get access to its cache files, config files etc.[1]

Cheers
Chris