[Dazuko-devel] LSM of Dazuko on kernel 2.6.32

dazuko-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Dazuko-devel] LSM of Dazuko on kernel 2.6.32

From:	errik
Subject:	[Dazuko-devel] LSM of Dazuko on kernel 2.6.32
Date:	Fri, 18 Feb 2011 19:03:55 +0800

Hi John,

These days I am trying to find a way to do execve hook on 2.6.32 kernel.

I have tried dazukofs, it works with risk because we can't stop it after we mount a directory as dazukofs. The only way is to reboot the OS. If I mount watching directories to dazukofs, it has some potential impact to my server.

Also I tried redirfs, it only supports open and close hook not support execve hook.

At the end I tried to port Dazuko (LSM way) to kernel 2.6.32. The execve hook works fine with dazuko-LSM. But after I modify all the security APIs for 2.6.32, I found the kernel API register_security is not exported event there is no kernel API unregister_security.

So I hope I can get some suggestions from you:

1. Is it possibile that I continue to use LSM on kernel 2.6.32? How can I do this? It seems kernel developers want to remove LSM from future kernel.

2. Can Dazuko catch execve events with RedirFS on kernel 2.6.32?

Looking forward to your suggestions.

Thanks a lot,

Errik

[Prev in Thread]

Current Thread

[Next in Thread]

[Dazuko-devel] LSM of Dazuko on kernel 2.6.32, errik <=
- [Dazuko-devel] Re: LSM of Dazuko on kernel 2.6.32, errik, 2011/02/21

Prev by Date: [Dazuko-devel] Re: [Dazuko-help] Dazukofs
Next by Date: Re: [Dazuko-devel] Re: [Dazuko-help] Dazukofs
Previous by thread: [Dazuko-devel] Re: [Dazuko-help] Dazukofs
Next by thread: [Dazuko-devel] Re: LSM of Dazuko on kernel 2.6.32
Index(es):
- Date
- Thread