[rsbac] modules-off REG module
Amon Ott
ao at rsbac.org
Sat Apr 10 10:29:41 CEST 2004
On Freitag, 9. April 2004 11:10, Michał Purzyński wrote:
> i'am currently writing some REG module, i will write more about it after
> it is finished, but have simple question:
> how to hide some file ?
> /proc/modules in this case would be hiden after loading some kernel
> module (and add_to_kernel && remove_from_kernel denied, what is working
> now).
> i think that request get_status_data and search have to be denied for
> /proc/modules, but how to `say` it ? target_id is not very easy to use.
> some examples please ?
There is currently no hiding of files in RSBAC, because it seemed like a
rather dirty hack when I look at it. SEARCH is only valid for directories.
You could deny the lookup in /proc, what is probably not what you want.
So you could only control reading access to /proc/modules with the usual
FILE target request types. I can reconsider the file hiding feature, if
you need it.
Amon.
--
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22
More information about the rsbac
mailing list