[rsbac] modules-off REG module

Amon Ott ao at rsbac.org
Sat Apr 10 10:29:41 CEST 2004


On Friday, 9 April 2004 11:10, Michał Purzyński wrote:
> I am currently writing some REG module, I will write more about it after
> it is finished, but I have a simple question:
> how to hide some file?
> /proc/modules in this case would be hidden after loading some kernel
> module (and add_to_kernel && remove_from_kernel denied, which is working
> now).
> I think that request get_status_data and search have to be denied for
> /proc/modules, but how to `say` it? target_id is not very easy to use.
> Some examples please?

There is currently no hiding of files in RSBAC, because it seemed like a
rather dirty hack when I looked at it. SEARCH is only valid for directories.
You could deny the lookup in /proc, which is probably not what you want.

So you could only control reading access to /proc/modules with the usual 
FILE target request types. I can reconsider the file hiding feature, if 
you need it.

Amon.
-- 
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22


