Re: Kernel Security Extensions USENIX BOF Summary

• Previous message: Wayne Salamon: "Patch for lock, llseek, and readdir"
• In reply to: jmjonesat_private: "Re: Kernel Security Extensions USENIX BOF Summary"
• Next in thread: jmjonesat_private: "Re: Kernel Security Extensions USENIX BOF Summary"
• Reply: jmjonesat_private: "Re: Kernel Security Extensions USENIX BOF Summary"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 3 Jul 2001 jmjonesat_private wrote:

> LSMEXAMPLE (latest version coming SOON) is a mostly-dummy module.  Since I
> have the basic structure of a module therein, could somebody please
> provide a more detailed specification of what sorts of analyses would be 
> useful?  I'll get it coded, if I can get a clue.

The basic idea was to provide a module and utility that could be used
to verify that for each system operation, the right set of hooks was
called and the kernel responded properly when those hooks returned
errors.  Otherwise, it would be very easy for a hook call to become
"lost" or bypassed when a set of updates were made to the kernel.
I think the idea was proposed by Steve Kramer of HP.

--
Stephen D. Smalley, NAI Labs
ssmalleyat_private





_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module

• Next message: jmjonesat_private: "Re: Kernel Security Extensions USENIX BOF Summary"
• Previous message: Wayne Salamon: "Patch for lock, llseek, and readdir"
• In reply to: jmjonesat_private: "Re: Kernel Security Extensions USENIX BOF Summary"
• Next in thread: jmjonesat_private: "Re: Kernel Security Extensions USENIX BOF Summary"
• Reply: jmjonesat_private: "Re: Kernel Security Extensions USENIX BOF Summary"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Jul 03 2001 - 12:24:19 PDT