> The security monitor would be the parent process of the process that
> you wish to control. It would use PTRACE_SYSCALL to run the
> target's user-space instructions at full speed and filter the
> target's system call requests. For example, if your httpd tries to
> open "/etc/passwd" for reading, the security monitor simply logs the
> attempt, SIGKILL's the process, whatever.
See this:
http://www.intes.odessa.ua/vxe/
Paul
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/