On Tue, Oct 30, 2012 at 09:02:33PM +0000, Arvid Brodin wrote:
> Hi,
>
> Below is a patch that adds a file /proc/PID/text_md5sum which when read
> returns the md5
> checksum of a process' text segment. (This would be used e.g. to make sure a
> process'
> code hasn't been tampered with.)
>
> However, I have a few questions:
>
> * What's the difference between the tgid_base_stuff and tid_base_stuff
> arrays? (One for
> processes and one for the process' threads? I haven't been able to find any
> info about
> this so I'm guessing.)
>
> * When should I use the INF ("read") vs the ONE ("show") macro?
>
> * Any other comments about the code?
>
> Thanks!
I don't think this increments security by any means. start/end-code are rather
informative fields which are set when program being started, so one can ptrace
it, alloc new exec area, put evil code there, tuneup cs:ip and restore original
program contents, you won't even notice that.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
