On Fri, 2005-04-15 at 11:40 -0700, Daniel Souza wrote: > A way to "protect" system calls is, after boot a trusted kernel image, > take a MD5 of the syscalls functions implementations (the opcodes that > are part of sys_read for example) and store it in a secure place.
That's the problem, once the kernel is compromised there's no such thing as a secure place. Solving this problem requires things like "trusted computing" aka hardware support. Lee - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/