How to hook the system call?
richard -rw- weinberger
richard.weinberger at gmail.com
Sun Nov 27 20:12:37 EST 2011
On Sun, Nov 27, 2011 at 11:17 PM, Jonathan Neuschäfer
<j.neuschaefer at gmx.net> wrote:
> On Wed, Nov 23, 2011 at 04:40:14PM +0800, Geraint Yang wrote:
>> Hello everyone,
>>
>> I am going to hook a system call like 'read' or 'send' by modifying the
>> sys_call_table, but it seems that the sys_call_table is in read only page,
>> how can I set modify the sys_call_table ? Or if there any method that I can
>> use to hook a system call in module without modify the kernel source?
Please keep in mind that hooking a system call is very bad and error prone.
--
Thanks,
//richard
More information about the Kernelnewbies
mailing list