I am glad to say that the LSM runtime verification tools that we have been working on at IBM are now approved for us to release open source (GPL license). I am getting the tool added to the external IBM DeveloperWorks, but in the meantime I will be happy to send a tarball to requestors. These runtime tools instrument the Linux kernel, collect logs of controlled operations and security checks, and analyze the logs to display the relationship between the controlled operations and authorization checks for individual system calls. From this, one can compare the authorizations within and across system calls (graphically and textually). A fairly complete technical and usage document is included. We have tested the tools on 2.4.16, 2.4.18, 2.4.19, and 2.5.26. I can't say how easy it is to port to more recent 2.5 versions, but I'll look into it. No changes were required between 2.4.16 and 2.4.18. Some were required to 2.4.19, but mostly due to hook flattening. Note that these tools are the ones from the upcoming CCS 2002 paper (Runtime Verification of Authorization Hook Placement for the Linux Security Modules Framework), *not* from the USENIX 2002 paper (based on CQUAL static analysis). The latter prototype is not well-tested, and we continue to improve the static analysis capabilities. We hope to make some headway on this soon. Regards, Trent. ---------------------------------- Trent Jaeger IBM T.J. Watson Research Center 19 Skyline Drive Hawthorne, NY 10532 jaegertat_private (914) 784-7225, FAX (914) 784-7595 _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Tue Oct 01 2002 - 17:14:33 PDT