Greg KH wrote: >On Fri, Apr 11, 2003 at 12:16:58AM -0500, Weiqing Sun wrote: > > >>I'm thinking of implementing file redirection using LSM hooks, e.g. >>The deletion on /opt/2 will be applied to /tmp/2_victim. >> >> >Why not just use mount to handle this kind of stuff? > You could do that to induce redirection for specific directories, but I have a hard time seeing how you could do it in general. Assuming that Weiqing was thinking of honeypot purposes, he would presumably want to do redirection of arbitrary files under arbitrary circumstances, e.g. PID 1234 has been flagged as "rogue" and now it's accesses will be redirected. > I wouldn't >recommend using lsm to handle redirection, but it might be possible with >a lot of care. > OTOH, I agree with Greg that successfully doing redirection from LSM may be problematic. Refer to this thread <http://mail.wirex.com/pipermail/linux-security-module/2001-June:/0859.html> for some history. Crispin -- Crispin Cowan, Ph.D. http://wirex.com/~crispin/ Chief Scientist, WireX http://wirex.com HP/Trend Micro Immunix Secured Solutions http://h18000.www1.hp.com/products/servers/solutions/iis/ Just say ".Nyet" _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Fri Apr 11 2003 - 10:56:55 PDT