Re: sys_create_module??

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

OK, but I need to verify any thing that intent open, execute or insmod code in a Linux box, searching for virus, and I need the full path to a loading module, just as I did with an opening, and executing file. Would you give any Idea????
reg@rds
Israel

John Levon wrote:
20020305223721.GA17684@compsoc.man.ac.uk"> 
On Tue, Mar 05, 2002 at 05:20:38PM -0500, israel fdez wrote:

I agree, but I'm intercepting the sys_create_module system call, and I 
need the module's file name before it is insmod'ed in the kernel. I 
think that if the module is in /proc/ksyms it is allready linked, dont you?

so patch modutils.

there are some things that just don't make any sense in the kernel, even
when you're doing ugly things like intercepting syscalls

regards
john


[Index of Archives]     [Newbies FAQ]     [Linux Kernel Mentors]     [Linux Kernel Development]     [IETF Annouce]     [Git]     [Networking]     [Security]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux SCSI]     [Linux ACPI]
  Powered by Linux