Re: Reboot hook?

From: Chris Wright (chrisat_private)
Date: Wed May 30 2001 - 19:40:26 PDT

  • Next message: Chris Wright: "2001_05_30 patch against 2.4.5"

    * Titus D. Winters (titusat_private) wrote:
    > Are we currently hooking reboot somewhere useful?  The current reboot hook
    > still drops down to INIT 0 before being called, which seems to be less
    > than optimal.
    Heh, that's pretty funny, I hadn't tried that ;-)
    I think the crux of the issue is the userspace concept of reboot vs. the
    kernel concept of reboot.
    The admin tools reboot, shutdown, init, etc.  are all pretty inbred if you
    are using the SysVinit package.  So, if you call reboot, it calls shutdown,
    which calls init.  In any case...using init to change run levels is not
    really controlled by the kernel.  The *syscall* reboot is what's protected.
    This does seem fairly meaningless when init has stopped all user processes!
    There is no other place in the kernel to hook reboot.  You probably already
    looked at the code for sys_reboot().  The lsm check is the first thing that
    happens in sys_reboot().  This can protect programs from being hacked and
    told to execute reboot().  But, you're right, this doesn't do much for init.
    I think the problem is earlier.  As a module, you have to decide things
    * is it ok to execute /sbin/init in this context?
    * is it ok to send TERM or KILL signals to all user processes in this context?
    linux-security-module mailing list

    This archive was generated by hypermail 2b30 : Wed May 30 2001 - 19:43:30 PDT