So Chris Lundberg and I are in the process of porting over a honeypot that I wrote as an LKM a while back. Since we are hiding files and processes, we are finding that returning EPERM in places (like ptrace, open, and several others) is less useful than returning something like ESRCH or ENOENT. Aside from the 1 assignment per query performance hit, why are we not doing something like if ((ret = security_ops->ptrace(current->p_pptr, current))) goto out; instead of if (security_ops->ptrace(current->p_pptr, current)) goto out; ? Now, I understand that things like honeypots are not necessarily normal security policy, and thus might not be covered within the scope of our task. But I think if we are going for a really general framework, it would be good to include the ability to do these things. So my question really is, should we go grab a BitKeeper of the current source and make these changes? Would anyone mind terribly? Would they have a chance of being accepted into the patch? -Titus Winters _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Wed May 30 2001 - 11:21:31 PDT