Re: Secure 2.4.x kernel
I don't know this for certain, but I've got a feeling that it's this kind
of thing that would be very easy to implement in the Hurd - the microkernel
would make it very easy to start adding daemons that provide a layer between
requests for exec, forks etc and actually granting them.
Otoh, the hurd may not suffer from these problems at all, or in the same way
- I haven't worked with the hurd for long enough to know much more than that
it *seems* to revolve around some truely excellant ideas which some people
In any case it would probably require writing a daemon and re-writing the
hurd call library to take advantage of it, though no re-writing of the user
space daemons would be necessary afaict.
On Fri, Dec 21, 2001 at 11:23:59AM -0600, Kelly Martin wrote:
> As far as I know, Linux does not support doing that. So the way you do it
> is modify your kernel to make fork and exec revokable syscalls, write a
> syscall allowing a process to request revocation of unneeded syscalls, and
> add that call to your daemon.
> > -----Original Message-----
> > From: Robert Clay [SMTP:JClay@techteam.com]
> > Sent: Friday, December 21, 2001 11:17 AM
> > To: email@example.com
> > Subject: RE: Secure 2.4.x kernel
> > And how would one do that?
> > >>> Kelly Martin <firstname.lastname@example.org> 12/21/01 12:09PM >>>
> > ...Taking away the fork and exec syscalls from a daemon which does not
> > need to do either would be a good start.
> > --
> > To UNSUBSCRIBE, email to email@example.com
> > with a subject of "unsubscribe". Trouble? Contact
> > firstname.lastname@example.org
> To UNSUBSCRIBE, email to email@example.com
> with a subject of "unsubscribe". Trouble? Contact firstname.lastname@example.org
BOFH Excuse Board:
disks spinning backwards - toggle the hemisphere jumper.