From owner-freebsd-hackers@FreeBSD.ORG Wed Oct 8 22:11:41 2003 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B1EF716A4B3 for ; Wed, 8 Oct 2003 22:11:41 -0700 (PDT) Received: from relay.macomnet.ru (relay.macomnet.ru [195.128.64.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4500043FBD for ; Wed, 8 Oct 2003 22:11:40 -0700 (PDT) (envelope-from maxim@macomnet.ru) Received: from news1.macomnet.ru (c16szmqi@news1.macomnet.ru [195.128.64.14]) by relay.macomnet.ru (8.12.10/8.12.10) with ESMTP id h995BbDt18308122; Thu, 9 Oct 2003 09:11:37 +0400 (MSD) Date: Thu, 9 Oct 2003 09:11:37 +0400 (MSD) From: Maxim Konovalov To: earthman In-Reply-To: <1197083983.20031009074645@inbox.ru> Message-ID: <20031009091036.X69716@news1.macomnet.ru> References: <1197083983.20031009074645@inbox.ru> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-hackers@freebsd.org Subject: Re: On-line judgment kernel module X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Oct 2003 05:11:41 -0000 On Thu, 9 Oct 2003, 07:46+0300, earthman wrote: > > I want to create on-line judge for acm like > olympiads. So I have to execute some code > that came in source from outside(www). > Thus security problem is my main problem. > > The idea is to deny all syscalls for specific > process p. This is possible even without rewriting > kernel by kernel module. You need SPY: http://people.freebsd.org/~abial/ -- Maxim Konovalov, maxim@macomnet.ru, maxim@FreeBSD.org