Re: The disappearing sys_call_table export.

Jesse Pollard (jesse@cats-chateau.net)
Wed, 7 May 2003 16:27:16 -0500


On Wednesday 07 May 2003 13:07, petter wahlman wrote:
> On Wed, 2003-05-07 at 18:59, Richard B. Johnson wrote:
>
[snip]
> > The same way you would force a virus to not be statically linked.
> > You make sure that only programs that interface with the kernel
> > thorugh your hooks can run on that particular system.
>
> Can you please elaborate.
> How would you implement the access control without modifying the
> respective syscalls or the system_call(), and would you'r
> solution be possible to implement run time?

Access control is available via the LSM, with well defined interfaces.
If that is what you want to control, then use the LSM, and not the syscall
table.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/