Date: Thu, 9 Oct 2003 10:17:53 +0200 From: Pawel Jakub Dawidek <nick@garage.freebsd.pl> To: earthman <earthman@inbox.ru> Cc: freebsd-hackers@freebsd.org Subject: Re: On-line judgment kernel module Message-ID: <20031009081753.GE520@garage.freebsd.pl> In-Reply-To: <1197083983.20031009074645@inbox.ru> References: <1197083983.20031009074645@inbox.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
--Vo48LVc30GAQuLuW Content-Type: text/plain; charset=iso-8859-2 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Oct 09, 2003 at 07:46:45AM +0300, earthman wrote: +> The idea is to deny all syscalls for specific +> process p. This is possible even without rewriting +> kernel by kernel module. +>=20 +> Now I'm thinking how to do this. +> Possibly it would be easy to point p->sv_sysent +> to the structure that points sv_prepsyscall +> to some function that denies some system calls. +> (kill process, make some record in module about +> restricted call) +> But I don't understand how to cancel syscall +> out of those function. Maybe it's possible +> to change code parameter to something else. You may just try CerbNG: http://cerber.sourceforge.net It was presented on WIP session at BSDCon03, slides are here: http://garage.freebsd.pl/CerbNG.pdf 1.0-RC3 will be avaliable in near future. --=20 Pawel Jakub Dawidek pawel@dawidek.net UNIX Systems Programmer/Administrator http://garage.freebsd.pl Am I Evil? Yes, I Am! http://cerber.sourceforge.net --Vo48LVc30GAQuLuW Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) iQCVAwUBP4UZsT/PhmMH/Mf1AQH9mwP/aYVqOcSU8hHSlvaobCLcEK3H31W20YuZ RRYtyhqUVHv0mAM0OkKixHRAxlYXu8rdICfjk8SDethOgjv5yin9BgSlbaHMWsFM a30Ltbcz0DJ2yTguttSmmcHeU+NVyTPuxjM//Pxi2cZqSMn9QLsxJhdamQR3uiSi mmPVgnhtRp4= =ZiAJ -----END PGP SIGNATURE----- --Vo48LVc30GAQuLuW--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031009081753.GE520>