Re: Syscall security

From: Ingo Molnar
Date: Fri Sep 26 2003 - 09:12:01 EST

Next message: Nicolas Mailhot: "Re: Keyboard oddness."
Previous message: Michael Frank: "Re: [BUG?] SIS IDE DMA errors"
In reply to: Maciej Zenczykowski: "Syscall security"
Next in thread: Maciej Zenczykowski: "Re: Syscall security"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 26 Sep 2003, Maciej Zenczykowski wrote:

> The reason I'm asking is because I want to run totally untrusted
> statically linked binary code (automatically compiled from user
> submitted untrusted sources) which only needs read/write access to stdio
> which means it only requires syscalls read/write/exit + a few more for
> memory alloc/free (like brk) + a few more generated before main is
> called (execve and uname I believe).

if this syscall activity is so low then it might be much more flexible to
control the binary via ptrace and reject all but the desired syscalls.
This will cause a context switch but if it's stdio only then it's not a
big issue. Plus this would work on any existing Linux kernel.

Ingo
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Nicolas Mailhot: "Re: Keyboard oddness."
Previous message: Michael Frank: "Re: [BUG?] SIS IDE DMA errors"
In reply to: Maciej Zenczykowski: "Syscall security"
Next in thread: Maciej Zenczykowski: "Re: Syscall security"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]