Logging sensitive information from kernel (while atomic and uninterrupted)
Panagiotis Sakkos
panos.sakkos at cern.ch
Thu May 3 04:40:52 EDT 2012
Hi again,
I would like to ask you the possible ways of logging information from the kernel, without
the messages being intercepted from dmesg. Also please note that my implementation uses the kprobes API, so in my probes I am atomic and uninterrupted.
* printk sends the logs to the kernel ring buffer, so dmesg will always see them. Hence, printk-ing is not a solution.
* Logging to a unix socket (i.e. /dev/log) didn't work (check "Crash when sending a lot of messages through a unix socket" thread).
* proc filesystem, I am not sure, but I believe that is not suitable for logging information. It is more for kernel information exposing.
Any other ideas? My problem is that I log sensitive data and any unprivileged user can run dmesg and see the sensitive logs.
Thank you in advance for your time,
Panos
--
http://www.cern.ch/psakkos
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.kernelnewbies.org/pipermail/kernelnewbies/attachments/20120503/e4bf77e7/attachment.html
More information about the Kernelnewbies
mailing list