I want to create on-line judge for acm like olympiads. So I have to execute some code that came in source from outside(www). Thus security problem is my main problem.
The idea is to deny all syscalls for specific process p. This is possible even without rewriting kernel by kernel module. Now I'm thinking how to do this. Possibly it would be easy to point p->sv_sysent to the structure that points sv_prepsyscall to some function that denies some system calls. (kill process, make some record in module about restricted call) But I don't understand how to cancel syscall out of those function. Maybe it's possible to change code parameter to something else. -- Best regards, earthman mailto:[EMAIL PROTECTED] icq: 145680330 _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
