Re: Hooking exec system call

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Sep 22, 2011 at 1:53 PM, Abhijit Pawar <apawar.linux@xxxxxxxxx> wrote:
hi list,
Is there any way to hook the exec system call on Linux box apart from
replacing the call in System Call table?

Regards,
Abhijit Pawar

_______________________________________________
Kernelnewbies mailing list
Kernelnewbies@xxxxxxxxxxxxxxxxx
http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies

Tidy way : -

You can do that from LSM (Linux security module).

Untidy way : -
Yes, you can do that by registering a new binary format handler. Whenever exec is called, a list of registered binary format handlers is scanned, in the same way you can hook the load_binary & load_library function pointers of the already registered binary format handlers.

Regards,
Rohan Puri
_______________________________________________
Kernelnewbies mailing list
Kernelnewbies@xxxxxxxxxxxxxxxxx
http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
[Index of Archives]     [Newbies FAQ]     [Linux Kernel Mentors]     [Linux Kernel Development]     [IETF Annouce]     [Git]     [Networking]     [Security]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux SCSI]     [Linux ACPI]
  Powered by Linux