|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: Capturing System Calls
From: Pavel Kankovsky (peak
ARGO.TROJA.MFF.CUNI.CZ)Date: Thu Jun 22 2000 - 13:18:10 CDT
- Next message: Granquist, Lamont: "Re: Capturing System Calls"
- Previous message: Edsel Adap: "Re: Capturing System Calls"
- In reply to: Ryan Permeh: "Re: Capturing System Calls"
- Next in thread: Oliver Friedrichs: "Re: Capturing System Calls"
- Reply: Pavel Kankovsky: "Re: Capturing System Calls"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Thu, 22 Jun 2000, Ryan Permeh wrote:
> This doesn't allow you to modify, just monitor, and it is strictly
> noninteractive(ie: you can't break on specific systems calls, etc).
Subterfugue (http://subterfugue.org/) can do virtually anything
(modify syscall parameters, ask a user whether a particular operation is
allowed etc.) but it needs a recent Linux kernel (older implementations of
ptrace() have too many shortcomings).
--Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."
- Next message: Granquist, Lamont: "Re: Capturing System Calls"
- Previous message: Edsel Adap: "Re: Capturing System Calls"
- In reply to: Ryan Permeh: "Re: Capturing System Calls"
- Next in thread: Oliver Friedrichs: "Re: Capturing System Calls"
- Reply: Pavel Kankovsky: "Re: Capturing System Calls"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]