I am really not an expert on kernel-programming but I remember that
there was a security-hole in the ptrace-code with which one a local user
could gain root access. And there was a little kernel-modul with a
wrapper-function for the ptrace-syscall that made traces only possible
if the user who was calling this syscall was root. So if I understand
right if we don't export the syscall-table it is impossible to write
such syscall-wrapper-functions and it requires to recompile the kernel
and reboot the machiene to fix such an security-hole.
So wouldn't it be better to export the syscall-table and just write into
the documentation that it is not a good idea to manipulate syscalls or
write a compiler-makro that gives out a warning when such a module is
beeing compiled.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/