[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Dazuko-devel] Dazuko's 6th birthday (Wiki)

From: Adam Jerome
Subject: Re: [Dazuko-devel] Dazuko's 6th birthday (Wiki)
Date: Mon, 11 Feb 2008 08:49:00 -0700

Feb 9, 2008 at  9:25 AM, in message, "Alon Bar-Lev" address@hidden> wrote: 
> On 2/9/08, John Ogness <address@hidden> wrote:
>> Yes, it may cause problems for distributions. I am considering adding
>> a kernel parameter so that Dazuko can be dynamically activated at boot
>> (like SElinux). Then distributions would be able to include the patch,
>> but leave Dazuko disabled. Users could then easily enable it with
>> somthing like "dazuko=1" as a boot parameter.
>> The only alternative is to avoid LSM.
> What about the syscall and System.map workaround, someone had suggested this 
> at:
> http://bugs.gentoo.org/show_bug.cgi?id=207537
> Maybe until 2.6.25 you come up with none LSM solution?

FYI... the syscall table is now in "read-only" memory (upstream).  My vote is to
proceed with an LSM solution. 

Of course, there may still be ways to hack the syscall codepath.  (Perhaps
a copy of the table in rw mem, and then redirect all syscall table references
to the rw copy;... etc.)


reply via email to

[Prev in Thread] Current Thread [Next in Thread]