[rsbac] feature request: rsbac restrictions in address accessing to /dev/mem.

Javier J. Martínez Cabezón tazok.id0 at gmail.com
Thu Jan 15 17:11:00 CET 2009

Enabling global access restrictions to /dev/mem must not be a good
idea, If you want to make an forensic analysis (for example rebuilding
task with the  task_struct linked list or rebuilding it with the
task_struct_cachep using cache objects you will need to reach any
address in /dev/mem. It would be great to have one rol forensic_r that
only him could reach to all the address in /dev/mem and get the other
ones filtered to only video memory don't you think?

More information about the rsbac mailing list