Hook test (was: Re: Kernel Security Extensions USENIX BOF Summary)

From: David Wheeler (dwheelerat_private)
Date: Thu Jul 05 2001 - 06:57:41 PDT

  • Next message: Chris Wright: "Re: Kernel Security Extensions USENIX BOF Summary"

    > Date: Wed, 4 Jul 2001 10:24:38 -0400 (EDT)
    > From: jmjonesat_private
    > To: linux-security-moduleat_private
    > Subject: Re: Kernel Security Extensions USENIX BOF Summary
    >
    > On Tue, 3 Jul 2001, Crispin Cowan wrote:
    >
    > > So, if someone wants to write a hook-presence detecting tool, that would
    > > be excellent.  The basic architecture is:
    ....
    
    > > Anyone wanna write this beastie?  There are at least 470 of us, so surely
    > > someone wants the fame & glory :-)
    >
    > I can pretty easily modify the LSMEXAMPLE code to provide an LSM-TEST API
    > that a user-land app can use, but I think the user-land app may break my
    > bank, but if somebody wants to team up I think I can get the
    > module-harness side done up to provide whatever info the user-land app
    > would need.  (no fame & glory necessary)
    
    Ideally the user-land application would test every hook, but
    there's no reason it has to be complete to be useful. A userland program that
    tested a subset of the hooks, and can then determine that
    that particular subset was indeed exercised, would have some value.
    
    That way, someone can write something that tests a few cases, and others
    can extend it (just like the hooks are being added).
    
    
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    



    This archive was generated by hypermail 2b30 : Thu Jul 05 2001 - 06:58:30 PDT