Hello, I need to make a Linux Kernel Module that intercepts the open, write, rename and unlink system calls. Now in 2.6 the trouble is I can't do it because I can't export the sys_call_table. I have been looking the Linux Security Modules but it only defines inode operations with rename and unlink, so I can't capture the other system calls. Anyway when I filter the calls I would have to read a XML file where I have some filtering options. The posible idea is to create an application in user space that reads the XML document and then create some proc entries. The LKM only would have to read the exported vars before making open/write/rename/unlink operations. Any idea about intercepting the calls and what would be the best way to filtering these files? I would have to export the pathname of each operation to other module is listening in userspace (with unix domain sockets), so there would be other application waiting this information from the LKM. Thanks in advance, Alejandro -- Kernelnewbies: Help each other learn about the Linux kernel. Archive: http://mail.nl.linux.org/kernelnewbies/ FAQ: http://kernelnewbies.org/faq/
