Date: Thu, 9 Oct 2003 07:46:45 +0300 From: earthman <earthman@inbox.ru> To: freebsd-hackers@freebsd.org Subject: On-line judgment kernel module Message-ID: <1197083983.20031009074645@inbox.ru>
next in thread | raw e-mail | index | archive | help
I want to create on-line judge for acm like
olympiads. So I have to execute some code
that came in source from outside(www).
Thus security problem is my main problem.
The idea is to deny all syscalls for specific
process p. This is possible even without rewriting
kernel by kernel module.
Now I'm thinking how to do this.
Possibly it would be easy to point p->sv_sysent
to the structure that points sv_prepsyscall
to some function that denies some system calls.
(kill process, make some record in module about
restricted call)
But I don't understand how to cancel syscall
out of those function. Maybe it's possible
to change code parameter to something else.
--
Best regards,
earthman mailto:earthman@inbox.ru
icq: 145680330
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1197083983.20031009074645>