PATCH: "Kernel Insider" (security optimization)

bruj0@securityportal.com.ar
Fri, 25 May 2001 00:14:54 -0300 (ART)


Hello, i wrote a modification for kernels 2.4.x, actually it can be
lodaded as a module and its not intrusive. I would love to get you opinions,
critics, flames about it. Plase CC: me becouse im not in the list. thanx
The whole package with a intructions is at
http://securityportal.com.ar/files/insider-1.6.tar.gz

This is the description:
INSIDER
-------
Its a linux kernel modification, that allows to decide wich uid, pid or
file can open a tcp socket in listening state.
The changes to the kernel are really insignificant, only to export 2
variables.
When a program tries to open a port it first makes a md5 checksum
of the file and compares it with the config list then it compares the user
id and finally the pid.
The policy is to "DENY" everything that is not in the allowed list.

Bruj0

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/