How to Modify the Entries in the Access Control Database for Linux Kernel 2.4.18-14?
The Access Control Database is an intrusion prevention mechanism developed for Red Hat Linux kernel 2.4.18-14.
Every system call has got an ACD of its own. It contains the entries for the programs which can make use of the corresponding system call.
This facility is available with the REMUS module i.e. the Reference Monitor for Unix Systems.
To begin with, I have successfully attached that module to the kernel, but I am finding it difficult to make changes in the database of the ACD.
It's under the /proc/sys/remus directory, which is a virtual directory.
The Readme file has given a procedure to add and delete the entries, but the syntax is not clear.
ADD <executable> <process>
What should be an ideal test case for it? I.e., what should be an executable?
Kindly provide some guidance to me so that I can work further.
Thank You.
Last edited by kks_gs; 02-07-2009 at 04:42 AM.