* J. Paul Reed (preedat_private) wrote:
>
> Hey all:
>
> A friend and I have written a Linux kernel module that replaces the
> sys_execve() system call with a version that does binary summing on
> administrator selected system binaries before it allows the exec() to
> occur.

This looks like nice work. As Greg mentioned, it is a bit misleading to say that your work replaces sys_execve(), as it doesn't; you are registering a new binary format handler. With that in mind, you may want to consider that the binary format handler list is searched linearly, and you need to assure that your format handler is called first. IOW, if you were compiling your module statically you need to assure its init function is called last. And, of course, subsequent register_binfmt() calls would preempt your handler.

This mail list is really about the specifics of linux security modules using the LSM framework (see http://lsm.immunix.org). It would be interesting to see this work ported to LSM. To begin with, it would help you enforce the no module loading policy. Replacement of a syscall table entry, like sys_create_module, is racy and heavy handed. And, this doesn't cover the case of /dev/kmem attacks, for example. Also, the LSM hooks could help you develop a more sophisticated notion of inode caching, rather than relying on mtime.

Some minor nits:

If this is GPL code, make the MODULE_LICENSE reflect it. The current MODULE_LICENSE looks more like a MODULE_DESCRIPTION and will cause your kernel to report that it's tainted. Also, take a look at the module_init and module_exit macros.

I noticed the md5sum stuff is used both in gensum and in module. I don't think making a void* interface is a good idea just so you can share the common code between userspace and kernel space.

BTW, having a writeup is a really nice help to a bunch of code. Again, nice work.

cheers,
-chris
-- 
Linux Security Modules     http://lsm.immunix.org     http://lsm.bkbits.net
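
The handler-ordering point in the message above, as an added userspace model (not part of the original message and not the module's code). All names are hypothetical; it assumes the newest registration sits at the front of the list and that the checking handler declines with -ENOEXEC when the sum matches.

```c
/* Userspace model (constructed; not kernel code) of a binfmt handler list. */
#include <errno.h>
#include <stdio.h>
#include <string.h>

struct binfmt {
    const char *name;
    int (*load_binary)(int sum_ok);   /* sum_ok: constructed stand-in for the checksum result */
    struct binfmt *next;
};
static struct binfmt *formats;        /* list head, searched first */

static void model_register_binfmt(struct binfmt *fmt)
{
    fmt->next = formats;              /* newest registration goes to the front */
    formats = fmt;
}

/* Assumed checking handler: veto on mismatch, else decline so a loader runs. */
static int verify_load(int sum_ok) { return sum_ok ? -ENOEXEC : -EACCES; }
/* Stand-in for a real loader: accepts whatever reaches it. */
static int plain_load(int sum_ok) { (void)sum_ok; return 0; }

static struct binfmt elf_fmt    = { "elf",    plain_load,  NULL };
static struct binfmt verify_fmt = { "verify", verify_load, NULL };
static struct binfmt late_fmt   = { "late",   plain_load,  NULL };

/* Linear walk: the first handler not returning -ENOEXEC decides the exec. */
static int model_exec(int sum_ok, const char **decided_by)
{
    int ret = -ENOEXEC;
    *decided_by = "none";
    for (struct binfmt *f = formats; f; f = f->next) {
        ret = f->load_binary(sum_ok);
        if (ret != -ENOEXEC) { *decided_by = f->name; break; }
    }
    return ret;
}

int main(void)
{
    const char *who;
    model_register_binfmt(&elf_fmt);
    model_register_binfmt(&verify_fmt);   /* registered last, so consulted first */
    int r = model_exec(0, &who);
    printf("checksum mismatch: %d via %s\n", r, who);
    model_register_binfmt(&late_fmt);     /* a later registration goes ahead of the check */
    r = model_exec(0, &who);
    printf("after later registration: %d via %s\n", r, who);
    return 0;
}
```

The second call shows why the check cannot rely on registration order alone: once any other handler registers afterwards, the verifying handler is no longer the first one consulted.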
This archive was generated by hypermail 2b30 : Fri Jun 21 2002 - 14:24:49 PDT