<<On Wed, 25 Aug 2010 23:03:48 -0400 (EDT), Benjamin Kaduk <[email protected]> said:
> On Wed, 25 Aug 2010, Benjamin Kaduk wrote: >> if this is FreeBSD HEAD making it harder for us to hook the syscall table or >> an afsd regression or me doing something stupid). > Turns out that it was them making it harder for us to hook the syscall > table; my machine is back up. There is only one supported way for a loadable module to install a system call; any other attempt at "hooking" is wrong and should not be attempted -- it is nearly guaranteed that you will not get the protocol correct. (Has anyone actually implemented PAGs for FreeBSD yet? It's pretty obvious how they should be implemented -- as a pseudo-MAC policy -- but I haven't followed the development sufficiently closely. I'm concerned that some of this "hooking" might be trying to install old-style getgroups/setgroups wrappers, which is definitely in Deserves To Lose territory.) -GAWollman _______________________________________________ OpenAFS-devel mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-devel
