* Titus D. Winters (titusat_private) wrote: > Are we currently hooking reboot somewhere useful? The current reboot hook > still drops down to INIT 0 before being called, which seems to be less > than optimal. Heh, that's pretty funny, I hadn't tried that ;-) I think the crux of the issue is the userspace concept of reboot vs. the kernel concept of reboot. The admin tools reboot, shutdown, init, etc. are all pretty inbred if you are using the SysVinit package. So, if you call reboot, it calls shutdown, which calls init. In any case...using init to change run levels is not really controlled by the kernel. The *syscall* reboot is what's protected. This does seem fairly meaningless when init has stopped all user processes! There is no other place in the kernel to hook reboot. You probably already looked at the code for sys_reboot(). The lsm check is the first thing that happens in sys_reboot(). This can protect programs from being hacked and told to execute reboot(). But, you're right, this doesn't do much for init. I think the problem is earlier. As a module, you have to decide things like: * is it ok to execute /sbin/init in this context? * is it ok to send TERM or KILL signals to all user processes in this context? -chris _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Wed May 30 2001 - 19:43:30 PDT