RE: Possible system call interface for LSM

• Previous message: richard offer: "Re: Possible system call interface for LSM"
• Maybe in reply to: Lachlan McIlroy: "Possible system call interface for LSM"
• Next in thread: Jesse Pollard: "Re: Possible system call interface for LSM"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> * Please forgive my ignorance, but is it common for kernel 
> space to call
> * syscalls? (The gist of my question is actually aimed at a specific
> * point: why would the pointers in the arguments to this 
> syscall ever be
> * kernel space?)
> 
> Its only common for those policies like SELinux that use system call
> interposition. How common is this method ? I don't know.

We use it on hp-tlx (or whatever it's called today) for auditing.  And since
auditing isn't in phase 1 of LSM, I suspect others may try to get auditing
in by this method.

> Richard Offer                     Technical Lead, Trust 


-steve kramer				Technical Follower, Sneaky

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module

• Next message: Crispin Cowan: "Re: Possible system call interface for LSM"
• Previous message: richard offer: "Re: Possible system call interface for LSM"
• Maybe in reply to: Lachlan McIlroy: "Possible system call interface for LSM"
• Next in thread: Jesse Pollard: "Re: Possible system call interface for LSM"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Aug 09 2001 - 10:13:34 PDT