[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Dazuko-devel] Hidden System Call Table
|
From: |
John Ogness |
|
Subject: |
[Dazuko-devel] Hidden System Call Table |
|
Date: |
Fri, 30 May 2003 12:41:40 +0200 |
|
User-agent: |
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.3) Gecko/20030312 |
Hi,
With RedHat's newer kernels, the system call table is hidden. This was
ok, because a workaround was submitted by Danilo Massa that allowed the
table to be found using sys_exit. However, with the new RedHat kernels,
sys_exit is also not available. I have released 1.2.1-pre1 of Dazuko,
which can now find the system call table based on sys_close. This is
turning out to be a cat and mouse game with RedHat. :(
The good news is that RedHat is being forced to create tighter and more
secure kernels. Unfortunately, this means that Dazuko will need to find
a better way to integrate with the RedHat kernels. I would like to meet
with Amon Ott (from RSBAC) to discuss better alternatives to "hooking"
the system call table. Hopefully this will happen soon. :)
Lately I have been very busy with the 1.3 branch (implementing the new
cross-platform layer). This should be finished within the next month,
which will allow for fairly simple porting to FreeBSD 4.x (my next
target platform).
John Ogness
--
Dazuko Maintainer
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Dazuko-devel] Hidden System Call Table,
John Ogness <=