Re: Syscall security

From: Maciej Zenczykowski
Date: Fri Sep 26 2003 - 09:18:45 EST

Next message: Martin Schwidefsky: "Re: s390 patches: descriptions."
Previous message: Ruth Ivimey-Cook: "More on IDE controller choice"
In reply to: Ingo Molnar: "Re: Syscall security"
Next in thread: Ingo Molnar: "Re: Syscall security"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> if this syscall activity is so low then it might be much more flexible to
> control the binary via ptrace and reject all but the desired syscalls.
> This will cause a context switch but if it's stdio only then it's not a
> big issue. Plus this would work on any existing Linux kernel.

Unfortunately sometimes the data transfer through stdio can be counted in
hundreds of MB (or even in extreme cases a couple of GB), plus it is
important to not slow down the execution of the code (we're timing and
comparing execution speed of different approaches). Would doing this via
ptrace increase the runtime of the parent pid or of the child pid or both?
ie. would this make any syscall costly timewise (stdio is either from a
ram disk or piped to/from a generating/checking process) or would this be
unnoticeable?

Thx,
MaZe.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Martin Schwidefsky: "Re: s390 patches: descriptions."
Previous message: Ruth Ivimey-Cook: "More on IDE controller choice"
In reply to: Ingo Molnar: "Re: Syscall security"
Next in thread: Ingo Molnar: "Re: Syscall security"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]