Re: Running Untrusted Code in a Restricted Process

From: jesse hammons (jhammons@bigteam.org)
Date: Fri Jun 09 2000 - 17:33:14 EST

Next message: Gareth Hughes: "Updates to FXSR/SSE support in 2.4.0-test1"
Previous message: Eric Silberstein: "PROBLEM : oops"
In reply to: Brian Gerst: "Re: Running Untrusted Code in a Restricted Process"
Next in thread: Alan Cox: "Re: Running Untrusted Code in a Restricted Process"
Reply: Alan Cox: "Re: Running Untrusted Code in a Restricted Process"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 9 Jun 2000, Brian Gerst wrote:

> This can already be done with the current ptrace functionality. Ptrace
> can intercept system calls made by the traced process (strace uses this)
> and can modify or deny them.

Ah, now I understand. The current functionality is in kernel 2.3 of
course, not my old 2.2.12 kernel. Thanks for the info.

The old version of the tracing code (at least in i386) didn't allow for
syscall_trace to reject system calls.

Thanks,
-Jesse

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Gareth Hughes: "Updates to FXSR/SSE support in 2.4.0-test1"
Previous message: Eric Silberstein: "PROBLEM : oops"
In reply to: Brian Gerst: "Re: Running Untrusted Code in a Restricted Process"
Next in thread: Alan Cox: "Re: Running Untrusted Code in a Restricted Process"
Reply: Alan Cox: "Re: Running Untrusted Code in a Restricted Process"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Thu Jun 15 2000 - 21:00:20 EST