Re: Syscall trouble

From: Chris Wright
Date: Tue Nov 30 2004 - 16:08:24 EST

Next message: Hanson, Jonathan M: "RE: Walking all the physical memory in an x86 system"
Previous message: Andreas Dilger: "Re: UFS1 filesystem compatibility problem under Linux"
In reply to: Søren Nøhr Christensen: "Syscall trouble"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* Søren Nøhr Christensen (snc@xxxxxxxxx) wrote:
<snip>
> +#define __NR_umb_set_child_restrictions 284
<snip>

> Any suggestions?

Don't do it this way. Use /proc/<pid>/attr/ interface if you only want
to handle creating restrictions within a process. If you're using it to
load your policy, then create a reasonable filesystem interface and do
it that way. This will be portable across versions and architectures
without allocating any syscalls.

thanks,
-chris
--
Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Hanson, Jonathan M: "RE: Walking all the physical memory in an x86 system"
Previous message: Andreas Dilger: "Re: UFS1 filesystem compatibility problem under Linux"
In reply to: Søren Nøhr Christensen: "Syscall trouble"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]