Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S261512AbTIZQS7 (ORCPT ); Fri, 26 Sep 2003 12:18:59 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S261522AbTIZQS7 (ORCPT ); Fri, 26 Sep 2003 12:18:59 -0400 Received: from gaia.cela.pl ([213.134.162.11]:2054 "EHLO gaia.cela.pl") by vger.kernel.org with ESMTP id S261512AbTIZQS5 (ORCPT ); Fri, 26 Sep 2003 12:18:57 -0400 Date: Fri, 26 Sep 2003 18:18:53 +0200 (CEST) From: Maciej Zenczykowski To: Davide Libenzi cc: Ingo Molnar , Linux Kernel Mailing List Subject: Re: Syscall security In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org > I beieve that what you're trying to do is a little bit more complicated > then simply blocking a few system calls. There are security softwares > doing this but they do more then blindly blocking system calls. Parameters > of the system call do matter in this scenario. For example you don't want > to block every write(), since the application you're trying to control > must be able to write on its own installation dir for example. They do Actually in this case all disk-access (and net-access) is illegal, and we're running in an empty chroot environment anyway. :) We're not really running aps - they're more along the lines of CPU calculation pipes - data in -> calc in system memory -> data out. > this by running the given application and "learning" system calls and > params to create a per-application policy. Every behaviour that violates > the policy trigger an event to the user running it (with a > "human readable" description of what is happening) and the user can either > accept it (by trainig the policy) or reject it. I'm afraid this has to run without user-intervention and the policy is trivial - allow mem-management (brk/mmap...) + exit + read stdin + write stdout. Thx, MaZe. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/