On Tue, Oct 30, 2012 at 09:02:33PM +0000, Arvid Brodin wrote: > Hi, > > Below is a patch that adds a file /proc/PID/text_md5sum which when read > returns the md5 > checksum of a process' text segment. (This would be used e.g. to make sure a > process' > code hasn't been tampered with.) > > However, I have a few questions: > > * What's the difference between the tgid_base_stuff and tid_base_stuff > arrays? (One for > processes and one for the process' threads? I haven't been able to find any > info about > this so I'm guessing.) > > * When should I use the INF ("read") vs the ONE ("show") macro? > > * Any other comments about the code? > > Thanks!
I don't think this increments security by any means. start/end-code are rather informative fields which are set when program being started, so one can ptrace it, alloc new exec area, put evil code there, tuneup cs:ip and restore original program contents, you won't even notice that. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/