Acessing kmem, how about a driver? (really UN*X security)
Jack Jansen
jack at vu44.UUCP
Thu Dec 27 20:39:56 AEST 1984
I was thinking of making a modified kmem driver, especially for
things like 'ps', etc. It would incorporate a structure like
struct pmdevs {
caddr_t pm_start;
caddr_t pm_esize;
caddr_t pm_last;
} pmdevs[] = {
&u, sizeof(u), u+sizeof(u), /* U area */
&procs, sizeof(*procs), &procs[NPROCS], /* process table */
....
}
Every minor device would be associated with one of the entries in the
array, and would adress memory from pm_start to pm_last.
In this way, you could protect every table by it's own minor h
device, making superuser permission for things like 'ps' unnecesary.
The 'pm_esize' gives the size of a single entry. It can be collected
via a ioctl call, so the user program could for instance check whethet
the size of a certain structure hasn't changed since it was
compiled.
Does this seem like a feasible idea? If it is, has anyone implemented
it already, or something similar?
--
Jack Jansen, {seismo|philabs|decvax}!mcvax!vu44!jack
or ...!vu44!htsa!jack
If *this* is my opinion, I wasn't sober at the time.
More information about the Comp.unix.wizards
mailing list