* David Wagner ([EMAIL PROTECTED]) wrote:
> There is a simple tweak to ptrace which fixes that: one could add an
> API to specify a set of syscalls that ptrace should not trap on. To get
> seccomp-like semantics, the user program could specify {read,write}, but
> if the user program ever wants to change its policy, it could change that
> set. Solaris /proc (which is what is used for tracing) has this feature.
> I coded up such an extension to ptrace semantics a long time ago, and
> it seemed to work fine for me, though of course I am not a ptrace expert.

Hmm, yeah, that'd be nice. That only leaves the issue of tracer dying
(say from that crazy oom killer ;-).

thanks,
-chris
--
Linux Security Modules     http://lsm.immunix.org     http://lsm.bkbits.net