Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S264514AbTEJVdM (ORCPT ); Sat, 10 May 2003 17:33:12 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S264516AbTEJVdL (ORCPT ); Sat, 10 May 2003 17:33:11 -0400 Received: from corky.net ([212.150.53.130]:45718 "EHLO marcellos.corky.net") by vger.kernel.org with ESMTP id S264514AbTEJVdL (ORCPT ); Sat, 10 May 2003 17:33:11 -0400 Date: Sun, 11 May 2003 00:45:44 +0300 (IDT) From: Yoav Weiss X-X-Sender: yoavw@marcellos.corky.net To: daw@mozart.cs.berkeley.edu Cc: linux-kernel@vger.kernel.org Subject: Re: The disappearing sys_call_table export. Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1129 Lines: 25 > Let's see you do sys_execve()... sys_socketcall() and sys_ioctl() are > fun, too. (And, I worry about doubly-indirected pointers, for instance.) > It's probably do-able, but you'd better stock up on the Advil in advance: > we're in major headache country, folks. I agree. I could post my 2.0.x code for doing this, but it would be counter-productive since security apps should use LSM for this very reason. I was merely suggesting a way for Masud to solve his specific problem without rewriting his module. sys_execve() and sys_socketcall() are actually not that hard. sys_ioctl() is next to impossible because no never know what the structs look like. Luckily, most security apps don't require ioctl-screening. Most security applications should use LSM but its not a good reason to remove sys_call_table, since its still useful for many non-security purposes. Yoav Weiss - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/