In addition to the inode permission hook and the task set_label hook (as mentioned by Chris Wright and Serge Hallyn, respectively), you can use the binprm alloc_security and compute_creds hooks to perform security processing during an execve. Examples of using the binprm hooks can be found in the capability security module (See cap_bprm_alloc_security and cap_bprm_compute_creds in kernel/capability_plug.c) and in the SELinux security module. -- Stephen D. Smalley, NAI Labs ssmalleyat_private On Fri, 25 May 2001, Chris Lundberg wrote: > What is the best way to monitor calls to execve using the lsm? We are > trying to monitor, and perhaps conditionally prevent, program execution. > > Thanks, > Chris Lundberg > Harvey Mudd College > > > _______________________________________________ > linux-security-module mailing list > linux-security-moduleat_private > http://mail.wirex.com/mailman/listinfo/linux-security-module > _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Tue May 29 2001 - 07:10:41 PDT