Chris Evans wrote: >On Tue, 15 May 2001 jmjonesat_private wrote: > >> > Can you still think of a case where read/write hooking is necessary? >> >> Suppose there's a crack that replaces the task's code at some point after >> the file is opened? Subsequently, a sensitive file (e.g. /etc/passwd) may >> be compromised during a read or write from what apparently is a valid > >A very good point. A good point, but it seems to be irrelevant to the question of whether to allow modules to interpose on read()/write() calls. The functionality jmjones wants is easily accomplished by checking open() calls, if I am not mistaken. >The netscape process should be started with security restrictions in place >- i.e. it should not get the chance to open anything remotely "sensitive" >(read /etc/passwd, write the user's .rhosts etc). It should only get >access to its cache files, config files etc.[1] See the Janus project. We've done this for Netscape, as well as for many other applications. _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Thu May 17 2001 - 00:07:36 PDT