Re: The disappearing sys_call_table export.

From: Arjan van de Ven (arjanv@redhat.com)
Date: Wed May 07 2003 - 10:48:40 EST

Next message: Neulinger, Nathan: "problems after upgrading from 2.4.20-pre7 to 2.4.21-rc1 (maybe nfs related)"
Previous message: William Lee Irwin III: "Re: top stack (l)users for 2.5.69"
In reply to: petter wahlman: "Re: The disappearing sys_call_table export."
Next in thread: Richard B. Johnson: "Re: The disappearing sys_call_table export."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 2003-05-07 at 17:34, petter wahlman wrote:
> It seems like nobody belives that there are any technically valid
> reasons for hooking system calls, but how should e.g anti virus
> on-access scanners intercept syscalls?
> Preloading libraries, ptracing init, patching g/libc, etc. are
> obviously not the way to go.

those obviously need to be implemented via the security subsystem (eg
LSM). Hooks are obviously the wrong level to do things and I could even
tell you that you cannot implement this right from a module actually.

application/pgp-signature attachment: This is a digitally signed message part

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Neulinger, Nathan: "problems after upgrading from 2.4.20-pre7 to 2.4.21-rc1 (maybe nfs related)"
Previous message: William Lee Irwin III: "Re: top stack (l)users for 2.5.69"
In reply to: petter wahlman: "Re: The disappearing sys_call_table export."
Next in thread: Richard B. Johnson: "Re: The disappearing sys_call_table export."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Wed May 07 2003 - 22:00:31 EST