Re: LSM root_plug module questions

From: Chris Wright (chrisw@private)
Date: Tue Aug 30 2005 - 14:55:18 PDT


* David Härdeman (david@private) wrote:
> I'm currently playing around with the security/root_plug.c LSM module 
> and I have two questions:

you'll have better luck on the lsm list 

> 1) What's the recommended way of telling that someone is logging in to 
> the computer (via ssh, virtual console, serial console, X, whatever) 
> with LSM? Look for open() on /dev/pts?

logging in...this is really a userspace notion, so via PAM.  creating a
new process or changing credentials of a new process are the types of
things that lsm watches (and of course, opening of files).

> 2) root_plug currently scans the usb device tree looking for the
> appropriate device each time it's needed. In the interest of making the
> result of the lookup cached, is it possible for a module to register so
> that it is notified when a usb device is added/removed?

I don't think that can be done in a race free manner.  Perhaps get the
device and check its state, but you'd have to ask usb folks.  ATM, it's
only checked during exec of root process.


