[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Dazuko-devel] LSM of Dazuko on kernel 2.6.32
From: |
errik |
Subject: |
[Dazuko-devel] LSM of Dazuko on kernel 2.6.32 |
Date: |
Fri, 18 Feb 2011 19:03:55 +0800 |
Hi John,
These days I am trying to find a way to do execve hook on 2.6.32 kernel.
I have tried dazukofs, it works with risk because we can't stop it after we mount a directory as dazukofs. The only way is to reboot the OS. If I mount watching directories to dazukofs, it has some potential impact to my server.
Also I tried redirfs, it only supports open and close hook not support execve hook.
At the end I tried to port Dazuko (LSM way) to kernel 2.6.32. The execve hook works fine with dazuko-LSM. But after I modify all the security APIs for 2.6.32, I found the kernel API register_security is not exported event there is no kernel API unregister_security.
So I hope I can get some suggestions from you:
1. Is it possibile that I continue to use LSM on kernel 2.6.32? How can I do this? It seems kernel developers want to remove LSM from future kernel.
2. Can Dazuko catch execve events with RedirFS on kernel 2.6.32?
Looking forward to your suggestions.
Thanks a lot,
Errik
- [Dazuko-devel] LSM of Dazuko on kernel 2.6.32,
errik <=