Archive: mlangel@sikurezza.org
Subject: Re: [PATCH] some cleanup + antiforkbomb
From: Paolo Perego
Date: 22 Jan 2004 16:26:34 -0000

Daniele Bellucci wrote:

| - add the antiforkbomb by using the LSM hook for task_create
| - some clean up
| - add a _temporary_ logging facility via printk
| - a sysdep.h (to clean up some code from engine.c)
Your work is extremely good and I appreciate it, but I won't apply your
patch as is, for one reason. In the "AngeL meets LSM" thread, buffer
pointed out that it would be bad to break kernel compatibility with
older releases (2.2 and 2.4), so I radically changed to a new directory
layout in order to achieve:
*) kernel related source code;
*) anti-attack code independent from the kernel code

So your work will be applied in my local copies, meeting the new layout,
which is not yet public however... of course it will be applied :)

One goal I want to reach is having a network attack core that is
pluggable. I want to implement the netfilter hook with the capability to
create a pool of function pointers that can be directed at run time
after loading "anti network attack". So people can write a plugin, like
one to stop sending worms, viruses, even spam, and they can share their
code without waiting for us to release that code in the official angel
tarball.

What do you think about it?

| I have a little question, what about adding an "anti escape from chroot
| jail"?
Yes, we can play around the chroot(2) call. Please do these hacks on the
0.9 code; for me it is simpler to propagate new features from 0.9 than
from 0.15

| I would be very glad to code a "prison".
Mmmh... it would be better to code anti chroot escape code rather
than closing every process in a jail... IMHO. It's root's task to decide
what must be chrooted and what not; we must ensure that people won't
break the jail.

| I'm new in the ML, I don't know the whole story about the project ...
Maybe just Aldo and GG Sullivan know the whole AngeL story from the very
beginning... :)

| I have another question/proposal for the coding style:
| since we're developing a kernel module, why don't we use the linux-kernel
| coding style?
No problem about using the lindent script before submitting a patch...

Regards,
thesponge
--
$>cd /pub
$>more beer

(0>
//\  Perego Paolo <p_perego@xxxxxxxxxxx> - www.sikurezza.org/angel
V_/_ 'Different does not necessarily mean worse.'
I'm Linux zion 2.4.21-166-athlon - SuSE Linux 9.0 (i586) powered.

________________________________________________________
http://www.sikurezza.org - Italian Security Mailing List