Sciweavers

CCS
2005
ACM

Automatic placement of authorization hooks in the linux security modules framework

14 years 5 months ago
Automatic placement of authorization hooks in the linux security modules framework
We present a technique for automatic placement of authorization hooks, and apply it to the Linux security modules (LSM) framework. LSM is a generic framework which allows diverse authorization policies to be enforced by the Linux kernel. It consists of a kernel module which encapsulates an authorization policy, and hooks into the kernel module placed at appropriate locations in the Linux kernel. The kernel enforces the authorization policy using hook calls. In current practice, hooks are placed manually in the kernel. This approach is tedious, and as prior work has shown, is prone to security holes. Our technique uses static analysis of the Linux kernel and the kernel module to automate hook placement. Given a non-hookplaced version of the Linux kernel, and a kernel module that implements an authorization policy, our technique infers the set of operations authorized by each hook, and the set of operations performed by each function in the kernel. It uses this information to infer the ...
Vinod Ganapathy, Trent Jaeger, Somesh Jha
Added 26 Jun 2010
Updated 26 Jun 2010
Type Conference
Year 2005
Where CCS
Authors Vinod Ganapathy, Trent Jaeger, Somesh Jha
Comments (0)