[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Dazuko-devel] Hidden System Call Table

From: John Ogness
Subject: [Dazuko-devel] Hidden System Call Table
Date: Fri, 30 May 2003 12:41:40 +0200
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.3) Gecko/20030312


With RedHat's newer kernels, the system call table is hidden. This was
ok, because a workaround was submitted by Danilo Massa that allowed the
table to be found using sys_exit. However, with the new RedHat kernels,
sys_exit is also not available. I have released 1.2.1-pre1 of Dazuko,
which can now find the system call table based on sys_close. This is
turning out to be a cat and mouse game with RedHat. :(

The good news is that RedHat is being forced to create tighter and more
secure kernels. Unfortunately, this means that Dazuko will need to find
a better way to integrate with the RedHat kernels. I would like to meet
with Amon Ott (from RSBAC) to discuss better alternatives to "hooking"
the system call table. Hopefully this will happen soon. :)

Lately I have been very busy with the 1.3 branch (implementing the new
cross-platform layer). This should be finished within the next month,
which will allow for fairly simple porting to FreeBSD 4.x (my next
target platform).

John Ogness

Dazuko Maintainer

reply via email to

[Prev in Thread] Current Thread [Next in Thread]