> communicates with the kernel using character device to send and receive
> "packets". Daemon contains the whole logic and implements the concrete
> security policy. That means, that medusa can (as opposite to another
[...]
> * ability to enforce process to execute an arbitrary code. This feature
> is usefull to enforce logging drom that process and so.
the fact that your program has both a userspace and a kernel-space
component makes it almost immediately suspect as "vulnerable". kind of
funny for me to get to reply to a "security tool" announcement with a
notice-of-warning.
has the source to the userspace module been audited yet? hopefully by
someoen other than the authors?
that last part sounds like it might make, with a few mods, a great 3l33t
h@x0r tool :) perhaps it might be most useful to someone good enough to
get a rootshell but not good enough to hack away at the process table by
themselves.
all in all, this thing scares me.
elijah
