Date: Thu, 9 Aug 2001 16:15:05 -0400 (EDT) From: Evan Sarmiento <ems@open-root.org> To: freebsd-hackers@freebsd.org, freebsd-current@freebsd.org Subject: kernel hooks Message-ID: <20010809201505.53D283A07E@postfix.sekt7.org>
next in thread | raw e-mail | index | archive | help
Hey, Like was said in the status report, I am working on the security hooks, I released a preliminary patch about a week ago, put it into GNATS. No one has reviewed it yet, I was wondering if someone would be willing to take a look? http://www.freebsd.org/cgi/query-pr.cgi?pr=29423 I am also writing a paper on it, I'll probably post my first draft, if anyone wants to see it. So you can get a better idea of what I'm doing. If you're not up on this, here is a brief description of what I'm doing: Kernel Security Hooks provide a standard interface for programmers of kernel security extensions to intercept system calls and other functions. Before, programmers had to wrap the system call with their own system call, resulting in two copyins. PRFW, the kernel security hook patch I am addressing in this PR, provides a standard interface for these uses. It also provides per-pid restrictions, so process X might not be able to use setuid but process Y might, depending on what restrictions you write. Thanks a lot, -- ----------------------------------- Evan Sarmiento | www.open-root.org ems@sekt7.org | www.sekt7.org/~ems/ ----------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010809201505.53D283A07E>