1 |
On Monday 22 September 2003 23:47, Martin Schlemmer wrote: |
2 |
> |
3 |
> The bigger issue, is that late 2.5 and now 2.6 kernels do not allow |
4 |
> you to replace system calls (something needed for a module like this). |
5 |
> This will then either force us to not use this for 2.6, or hack the |
6 |
> kernel, which will really limit the user. On another note - I do not |
7 |
> know if the new API and hooks added for the security modules might |
8 |
> enable us to have the same end result as hooking system calls with |
9 |
> our own would have done ... |
10 |
> |
11 |
|
12 |
The approach I am thinking about should not replace system calls. It should |
13 |
provide a separate filesystem driver similar to the bind mount driver. But |
14 |
kernel modules have indeed that big disadvantage. It could only be optional. |
15 |
|
16 |
Paul |
17 |
|
18 |
-- |
19 |
Paul de Vrieze |
20 |
Gentoo Developer |
21 |
Mail: pauldv@g.o |
22 |
Homepage: http://www.devrieze.net |