For programming questions about the Linux Security Module (LSM), a framework used by the Linux kernel for security checks.
For programming questions about the Linux Security Module (LSM), a framework used by the Linux kernel for security checks.
Questions tagged [linux-security-module]
32 questions
4
votes
0 answers
Is it possible to do it using eBPF? I.e., Can I capture the event before the file is deleted. And take back up
I am trying to track deletion of files using ebpf and wanted to take back up even before the deletion of file happens and then delete the file .
To track deletion of files I was told to use three methods by other community members
To trace…
Dinakaran P
- 39
- 1
4
votes
0 answers
Get argv from bprm_check_security in linux kernel. Is the documentation wrong?
According to Linux Kernel's doc:
bprm_check_security:
This hook mediates the point when a search for a binary handler will
begin. It allows a check against the bprm->cred->security value
which was set in the preceding creds_for_exec call. The…
Maxime B.
- 1,116
- 8
- 21
4
votes
1 answer
Is there any relationship between Secure Boot and Kernel Lockdown?
As far as I googled till now, the two features seem independent.
Secure Boot is dependent on Kernel Signature, so the bootloader will be checking (Kernel/Single Image Application) Signature if Valid will Call Kernel Start Function.
Lockdown is…
Vij
- 63
- 4
3
votes
0 answers
Are Linux Security Modules runtime-loadable?
Is it possible to compile Linux Security Modules as optional modules (.ko) and load them at runtime (or boottime)?
The modules in the Linux source tree seem to need to be compiled into the kernel (and can be selected via kernel boot params).
Just…
depletionmode
- 149
- 1
- 7
3
votes
1 answer
Linux module: being notified about task creation and destruction
for Mach kernel API emulation on Linux, I need for my kernel module to get called when a task has been just created or is being terminated.
In my kernel module, this could most nicely be done via Linux Security Modules, but a couple of years ago,…
LubosD
- 781
- 6
- 18
2
votes
0 answers
Stop user from running malicious python code in online compilers
I am developing an online compiler wherein user can run python code.My requirement is to run that python code on server side with exec. So I researched on how can I completely eliminate some user running malicious python code and most of the sites…
Jay Patel
- 63
- 5
2
votes
0 answers
Allow OAuth2 login to delegate to Kerberos protected resources
I would like to build a Web API in Python that uses OAuth2 and will eventually use Kerberos protected resources in the backend. Specifically, I would like to have a Web API that uses OAuth2 to authenticate user and then switch them to a Kerberos…
wwaldner
- 73
- 1
- 4
2
votes
0 answers
LSM - Security blobs and Major/Minor use cases
I am currently upgrading the source code of a Linux LSM (kernel 4.3.5) to the be compatible with the newest version of the Linux kernel.
I have successfully updated the code, so the GCC compiler successfully compiles, however the kernel will not…
RandomHash
- 669
- 6
- 20
2
votes
0 answers
Implementing LSM hook bprm_check_security
Recently, I am working on developing an Application Whitelisting solution for embedded linux based on the Linux Security Framework. The main focus of my LSM is implementing the bprm_check_security hook, invoked, when a program executing in the…
Payam
- 21
- 3
1
vote
1 answer
Dynamically loadable Linux security modules
I have seen many articles on LWN about allowing for dynamically loadable Linux security modules (LSM), but it is impossible to find concrete information on how it can be done. The LSM hooks (I don't know if this is the right term) aren't exported in…
Melab
- 2,594
- 7
- 30
- 51
1
vote
1 answer
Can non-exclusive (stackable) Linux Security Modules use security blobs?
I'm experimenting with Linux Security Modules, trying to make one.
My main source of knowledge about how they're supposed to work are mailing lists archives and the existing LSMs' sources, plus the few pages about them in the Linux documentation.
I…
ath
- 11
- 2
1
vote
1 answer
Kernel security modules: i_security in struct inode
my question is probably again pretty simple, but I did not find anything. I am writing a Linux Security Module. As you might know the struct inode in the kernel contains one field i_security to save security relevant information for the LSM. Now…
Chris
- 2,030
- 1
- 16
- 22
1
vote
3 answers
LSM-Howto: Kernelmodule with non exported functions
I'm currently writing a Linux Kernel module which depends on the Linux Security Modules (LSM) at the moment it is nothing really, I just wanted to print out a simple message whenever a file is opened. The problem is: To register to the hook I need…
michael
- 33
- 1
- 5
1
vote
3 answers
How to register Linux Security Module in kernel 2.6?
I want to use the LSM framework with kernel ubuntu 2.6.36.
When I compiled the kernel module, it wrote:
WARNING: "register_security " undefined!
After a lot of googlings, I found the reason is that the register_security() symbol is no longer…
user407389
- 11
- 2
1
vote
1 answer
New linux kernels, no lsm using lkms, no kernel hooks now what?
For security reasons, the kernel ceased to export characters necessary for writing security modules in the form of loadable kernel modules (Linux Kernel Module, LKM) starting with version 2.6.24.
And you can't export sys_call_table, again for…
aliep
- 1,702
- 2
- 21
- 33