> "Samy" == Samy Al Bahra <[EMAIL PROTECTED]> writes:
Samy> On Thu, 16 Oct 2003 18:28:15 -0400 David Gilbert
Samy> <[EMAIL PROTECTED]> wrote:
>> As you conjecture, a syscall-less or syscall-restricted environment
>> *should* be safe ... if your syscall changes are bulletproof
>> *_and_* the r
On Thu, 16 Oct 2003 18:28:15 -0400
David Gilbert <[EMAIL PROTECTED]> wrote:
> As you conjecture, a syscall-less or syscall-restricted environment
> *should* be safe ... if your syscall changes are bulletproof *_and_*
> the rest of the runtime environment is bulletproof.
Good system call policies a
On Thu, 9 Oct 2003 07:46:45 +0300
earthman <[EMAIL PROTECTED]> wrote:
> Now I'm thinking how to do this.
> Possibly it would be easy to point p->sv_sysent
> to the structure that points sv_prepsyscall
> to some function that denies some system calls.
> (kill process, make some record in module ab
On Thu, Oct 09, 2003 at 07:46:45AM +0300, earthman wrote:
+> The idea is to deny all syscalls for specific
+> process p. This is possible even without rewriting
+> kernel by kernel module.
+>
+> Now I'm thinking how to do this.
+> Possibly it would be easy to point p->sv_sysent
+> to the structure
On Thu, 9 Oct 2003, 07:46+0300, earthman wrote:
>
> I want to create on-line judge for acm like
> olympiads. So I have to execute some code
> that came in source from outside(www).
> Thus security problem is my main problem.
>
> The idea is to deny all syscalls for specific
> process p. This is po
5 matches
Mail list logo
