Re: SECURE_FD OpenWall LSM Patch

From: Nick Bellinger (nickbat_private)
Date: Wed Nov 21 2001 - 21:30:46 PST

  • Next message: rhys tucker: "Basic questions about LSM architecture."

    Ok, lets try that again.
    
    
    On Tue, 2001-11-20 at 18:48, Nick Bellinger wrote:
    > 
    > Greetings,
    > 
    > 	
    > 	After much help from Chris,  attached in Richard Offer's SECURE_FD
    > patch and test program updated to use owlsm (minus memory leak,
    > chrdev_open, and extra hook).  Thanks for the excellent starting point
    > Richard!
    > 
    > 
    > 					Nick Bellinger
    > 
    > 
    > Excerpt from Mr Offer's Post:
    > 
    > 
    > Here is a test case to prove that the policy is working
    > 
    > int main(int argc, char **argv)
    > {
    > 
    >         int     fd;
    > 
    >         fd=open("sfd.c.tmp",1);
    > 
    >         write(1,"hello\n",6);
    > 
    >         return 0;
    > 
    > }
    > 
    >     % touch sfd.c.tmp
    > 
    > Compile this and run it using strace,
    > 
    >     % strace ./sfd 1>&-
    > 
    > you'll see the value of fd changes from 1 to 3 when the module is
    > present.
    > 
    > 
    > End Excerpt:
    > 
    > 
    
    
    
    

    _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module



    This archive was generated by hypermail 2b30 : Wed Nov 21 2001 - 22:34:01 PST