| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 23 Dec 2011 10:10:53 -0500 From: Wakko Warner <wakko@...mx.eu.org> To: Jiri Kosina <jkosina@...e.cz> Cc: Gaurav Saxena <grvsaxena419@...il.com>, linux-kernel@...r.kernel.org Subject: Re: Intercepting system calls Jiri Kosina wrote: > On Thu, 22 Dec 2011, Wakko Warner wrote: > > > > Oh. I will not do it then, could you suggest me something so that I > > > could prevent unlink on some file say using kernel support. I want to > > > save file on unlink how could I do that without kernel support, or how > > > could I do that using a kernel module. > > > > I wrote a library that can be loaded in userspace that does this. It's not > > very polished, but it works for me. I use it for rsync when I want files > > "deleted" but not from the filesystem. It creates a .deleted directory in > > the $PWD. > > I don't see a way how library could cover any arbitrary userspace process > issuing unlink() (consider statically linked binaries, for starters). It cannot. I already understand that static binaries cannot be trapped like this. -- Microsoft has beaten Volkswagen's world record. Volkswagen only created 22 million bugs. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists