Re: stop mount/read/write

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


> The LD_PRELOAD method has a few drawbacks: security issues, statically
> linked programs. I am looking for another solution.
> Marius

You can analyze LSM, it seems to be a good solution. ([1]).

thanks,
Daniel.

[1] http://www.usenix.org/event/sec02/full_papers/wright/wright.pdf

From what I have read, with LSM you have to provide a full solution because it does not allow you to stack modules[1]. This also means that my module will not work with SELinux or other LSM modules. I only need a subset of LSM hooks. 
I can use LSM, but I want to know if there is another solution.

[1] http://lwn.net/Articles/315974/

Thanks,
Marius 
[Index of Archives]     [Newbies FAQ]     [Linux Kernel Mentors]     [Linux Kernel Development]     [IETF Annouce]     [Git]     [Networking]     [Security]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux SCSI]     [Linux ACPI]
  Powered by Linux