Re: Running Untrusted Code in a Restricted Process

From: Brian Gerst (bgerst@quark.vpplus.com)
Date: Fri Jun 09 2000 - 12:33:54 EST


jesse hammons wrote:
>
> I'm looking for feedback and help on this feature. I've got an idea that
> is basically implemented except I need some help with a couple of lines of
> assembly in entry.S (my version attached below). I'm working off of a
> 2.2.12 kernel.
>
> First, let me explain what I'm doing. I want to be able to run untrusted code
> in a separate process. An example would be downloading a binary plugin. I
> believe there is a way to create a Linux personality that restricts which
> system calls a process is allowed to make. This actually sparked a debate with
> an engineering friend of mine. He claims that there is probably a way to
> execute a sequence of instructions that somehow leaves the processor in a bad
> state. I disagree! If that were true, anyone could crash the Linux (or any
> x86 unix) kernel.
>
> Anyway here is the idea. I added a new task flag PF_RESTRICTED. This bit
> is set by setting yourself to the PER_RESTRICTED personality like so:
>
> This idea is so simple that I'm surprised that I couldn't find any
> implementations after searching the web for a day.

This can already be done with the current ptrace functionality. Ptrace
can intercept system calls made by the traced process (strace uses this)
and can modify or deny them.

--

Brian Gerst

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/
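Brian's suggestion, as an added example (not code from the thread or from the kernel): a minimal x86_64 Linux syscall filter built on PTRACE_SYSCALL. The tracer stops the child at every system call entry and denies any call outside an allow-list by rewriting the syscall number to -1, so the kernel skips it, then overwrites the result with -EPERM at the matching exit stop. The allow-list, the function names and the x86_64 register layout are this example's own assumptions.

```c
#include <errno.h>
#include <signal.h>
#include <sys/ptrace.h>
#include <sys/syscall.h>
#include <sys/user.h>
#include <sys/wait.h>
#include <unistd.h>

/* Policy (an assumption of this example): only what a compute-only plugin needs. */
int syscall_allowed(long nr) {
    switch (nr) {
    case SYS_read: case SYS_write: case SYS_brk: case SYS_mmap: case SYS_munmap:
    case SYS_fstat: case SYS_exit: case SYS_exit_group: case SYS_rt_sigreturn: return 1;
    default: return 0;        /* open, execve, socket, clone, ... are all denied */
    }
}

/* Exec argv under the filter; returns how many syscalls were denied, -1 on error. */
int run_restricted(char *const argv[]) {
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        ptrace(PTRACE_TRACEME, 0, NULL, NULL);   /* the execvp below stops us with SIGTRAP */
        execvp(argv[0], argv);
        _exit(127);
    }
    int status, denied = 0, in_syscall = 0, deny_pending = 0, sig = 0;
    if (waitpid(pid, &status, 0) < 0 || !WIFSTOPPED(status)) return -1;
    ptrace(PTRACE_SETOPTIONS, pid, NULL, (void *)(long)PTRACE_O_TRACESYSGOOD);
    for (;;) {
        if (ptrace(PTRACE_SYSCALL, pid, NULL, (void *)(long)sig) < 0) return -1;
        if (waitpid(pid, &status, 0) < 0) return -1;
        if (!WIFSTOPPED(status)) break;              /* tracee exited or was killed */
        sig = WSTOPSIG(status);
        if (sig == (SIGTRAP | 0x80)) sig = 0;        /* syscall stop (TRACESYSGOOD marks it) */
        else { if (sig == SIGTRAP) sig = 0; continue; } /* plain signal: forward it, drop exec's SIGTRAP */
        struct user_regs_struct regs;                /* x86_64 layout: orig_rax = number, rax = result */
        if (ptrace(PTRACE_GETREGS, pid, NULL, &regs) < 0) return -1;
        if (!in_syscall && !syscall_allowed((long)regs.orig_rax)) {
            regs.orig_rax = -1; deny_pending = 1; denied++;  /* kernel now skips the call */
            ptrace(PTRACE_SETREGS, pid, NULL, &regs);
        } else if (in_syscall && deny_pending) {
            regs.rax = -EPERM; deny_pending = 0;             /* report EPERM instead of ENOSYS */
            ptrace(PTRACE_SETREGS, pid, NULL, &regs);
        }
        in_syscall = !in_syscall;                    /* stops alternate entry / exit */
    }
    return denied;
}
```

Because fork, clone and execve are outside the allow-list, the filtered program cannot spawn a process or thread the tracer does not follow, which is what keeps a single-tracee loop like this one sufficient.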



This archive was generated by hypermail 2b29 : Thu Jun 15 2000 - 21:00:19 EST