Re: Detecting abnormal behaviour

From: Stephen. (sa7oriat_private)
Date: Fri Mar 21 2003 - 17:35:54 PST


    I am not entirely sure about what you are referring to, but from the buzz
    words you used, I assume what you are trying to do is employ some kernel
    module to log the PID of a process that is making a specific system call.
    If this is what you are attempting to do, it is fairly trivial to do with
    Linux kernel modules. There are actually quite a few programs out there
    that will allow you to set up "filters" for syscalls and their parameters,
    for instance an "open" on "/etc/passwd". If you are coding this from
    scratch, Pragmatic's (THC) paper on Linux Kernel Modules is a good place
    to start... Also, check out any of Tim Lawless's code; it's a good place to
    rip code from :-). Hope this helps; if not, just email me and I can fire
    off some source if you need it.
    
    On Fri, 21 Mar 2003, Adrian S wrote:
    
    >
    >
    > Hi,
    >
    > Is it possible to determine the source address of the system call to check
    > if it is proper from a list of legal addresses (legal process space etc) ?
    >
    > rgds
    > Adrian
    >
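Adrian's question (is the address a syscall was issued from inside "legal" process space?) and Stephen's filter example ("open" on "/etc/passwd", logged with the PID) are combined below in an added Python example. It is not code from either poster, nor from the THC paper or Tim Lawless's sources mentioned above. The check is modelled in user space: it parses a constructed /proc/<pid>/maps excerpt, decides whether a caller address lies in an executable, file-backed mapping, and emits a log record for every call that matches the watch filter or comes from the stack, the heap, or unmapped memory. The process map, the file paths (/usr/bin/example) and the events are all constructed; a kernel-side hook would supply the same fields.

```python
"""Caller-address check for system calls, modelled in user space.

Added example for this thread (not code from the posters or the sources they
cite). The maps excerpt, paths and events are constructed.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Constructed /proc/<pid>/maps excerpt for a hypothetical process.
SAMPLE_MAPS = """\
00400000-00452000 r-xp 00000000 08:01 131 /usr/bin/example
00651000-00652000 r--p 00051000 08:01 131 /usr/bin/example
00652000-00655000 rw-p 00052000 08:01 131 /usr/bin/example
00e03000-00e24000 rw-p 00000000 00:00 0 [heap]
7f3a1c000000-7f3a1c1c0000 r-xp 00000000 08:01 42 /usr/lib/libc.so.6
7f3a1c1c0000-7f3a1c3bf000 ---p 001c0000 08:01 42 /usr/lib/libc.so.6
7ffd5a000000-7ffd5a021000 rw-p 00000000 00:00 0 [stack]
"""


@dataclass
class Mapping:
    start: int
    end: int
    perms: str
    path: str

    def contains(self, addr: int) -> bool:
        return self.start <= addr < self.end

    @property
    def is_legal_code(self) -> bool:
        # "Legal" process space for a caller: executable and file-backed.
        # [heap], [stack] and anonymous memory are never legitimate callers.
        return "x" in self.perms and self.path.startswith("/")


def parse_maps(text: str) -> List[Mapping]:
    """Parse /proc/<pid>/maps lines into Mapping records."""
    maps = []
    for line in text.splitlines():
        fields = line.split(None, 5)
        if len(fields) < 5:
            continue  # not a maps line
        lo, hi = fields[0].split("-")
        path = fields[5] if len(fields) == 6 else ""  # anonymous mapping
        maps.append(Mapping(int(lo, 16), int(hi, 16), fields[1], path))
    return maps


@dataclass
class SyscallEvent:
    pid: int
    name: str
    args: Tuple
    caller: int  # user-space return address the call was issued from


def classify_caller(event: SyscallEvent, maps: List[Mapping]) -> str:
    """'legal', 'illegal:<region>' or 'unmapped' for the event's caller."""
    m: Optional[Mapping] = next((m for m in maps if m.contains(event.caller)), None)
    if m is None:
        return "unmapped"
    return "legal" if m.is_legal_code else "illegal:" + (m.path or "anon")


# Stephen's example filter: an "open" on "/etc/passwd".
WATCHED = {("open", "/etc/passwd")}


def audit(events: List[SyscallEvent], maps: List[Mapping]) -> List[Dict]:
    """One log record per event that matches the watch filter or was issued
    from outside legal process space; everything else is dropped."""
    records = []
    for e in events:
        verdict = classify_caller(e, maps)
        first_arg = e.args[0] if e.args else None
        watched = (e.name, first_arg) in WATCHED
        if watched or verdict != "legal":
            records.append({"pid": e.pid, "syscall": e.name, "arg": first_arg,
                            "caller": hex(e.caller), "verdict": verdict,
                            "watched": watched})
    return records


# Constructed events; caller addresses are chosen against SAMPLE_MAPS.
SAMPLE_EVENTS = [
    SyscallEvent(1234, "open", ("/etc/passwd",), 0x7F3A1C0A0000),  # from libc
    SyscallEvent(1234, "read", (3,), 0x0040123C),                   # from the binary
    SyscallEvent(4321, "open", ("/etc/passwd",), 0x7FFD5A010000),  # from [stack]
    SyscallEvent(4321, "write", (1,), 0x00E10000),                  # from [heap]
    SyscallEvent(5555, "close", (4,), 0xDEADBEEF00),                # not mapped
]


def run_sample() -> List[Dict]:
    return audit(SAMPLE_EVENTS, parse_maps(SAMPLE_MAPS))


if __name__ == "__main__":
    for rec in run_sample():
        print(rec)
```

Of the five constructed events, four are logged: the watched open from libc, and the three calls whose caller is on the stack, on the heap, or unmapped; the plain read from the binary's text segment passes silently. The address test is a heuristic rather than proof of intent: the return address is data under the process's own control, so a call routed through an existing libc stub will look legal, and mappings change as libraries load, so a real hook must read the process map at the time of the call rather than once at startup.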
    



    This archive was generated by hypermail 2b30 : Sun Mar 23 2003 - 13:36:03 PST