Hooking exec system call
rohan.puri15 at gmail.com
Thu Sep 22 05:44:49 EDT 2011
On Thu, Sep 22, 2011 at 1:53 PM, Abhijit Pawar <apawar.linux at gmail.com>wrote:
> hi list,
> Is there any way to hook the exec system call on Linux box apart from
> replacing the call in System Call table?
> Abhijit Pawar
> Kernelnewbies mailing list
> Kernelnewbies at kernelnewbies.org
Tidy way : -
You can do that from LSM (Linux security module).
Untidy way : -
Yes, you can do that by registering a new binary format handler. Whenever
exec is called, a list of registered binary format handlers is scanned, in
the same way you can hook the load_binary & load_library function pointers
of the already registered binary format handlers.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Kernelnewbies