newbie (me) at work :-)
<quote sender="Ed L Cashin">
> On Sun, Jun 08, 2003 at 07:21:35PM +0800, Eugene Teo wrote:
> Hi, Eugene Teo. Would you mind describing what you're
> doing? I thought that I understood what you were doing,
> but now I'm sure I don't. ;)
>
> If I were trying to override a system call, I'd write
> my own implementation and replace the entry in the
> vector of system call function pointers.
what i did is i get the symbol address from the global kernel
symbol table, save the address, overwrite the function with
a new address (aka replace the entry in the system call
vector), do what i want, load my payload, then overwrite the
function with the original address, and voila, :-)
now, i have to spend some time learning something useful before
i get people throwing stones at me :)
Eugene
--
Eugene TEO @ Linux Users Group, Singapore <eugeneteo@lugs.org.sg>
GPG FP: D851 4574 E357 469C D308 A01E 7321 A38A 14A0 DDE5
main(i){putchar(182623909>>(i-1)*5&31|!!(i<7)<<6)&&main(++i);}
--
Kernelnewbies: Help each other learn about the Linux kernel.
Archive: http://mail.nl.linux.org/kernelnewbies/
FAQ: http://kernelnewbies.org/faq/
