* Valdis.Kletnieksat_private (Valdis.Kletnieksat_private) wrote: > > No, I'm not asking if sbrk() is hooked by LSM - I'm asking what other > resources could depart from a process and you find out asyncronously. Are > there other similar gotcha's we need to worry about documenting? ah, i see, good question. i can't think of any from the top of my head. not all hooks are in a syscall path, some will be called from an interrupt context, e.g. ip layer hooks, or send_sigiotask. but it's not necessarily a recipe for async notification to user app. it is possible that a security policy violation could result in sending the app SIGKILL. it's also possible that an app is waiting for SIGIO, but it never arrives. but neither of these really fall into the category you're asking about. food for thought ;-) thanks, -chris p.s. s/anthony/antony/g in my last email, sorry about that. _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Mon Feb 04 2002 - 20:10:36 PST