From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S263587AbTLYGD1 (ORCPT ); Thu, 25 Dec 2003 01:03:27 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S263609AbTLYGD1 (ORCPT ); Thu, 25 Dec 2003 01:03:27 -0500 Received: from sabe.cs.wisc.edu ([128.105.6.20]:12050 "EHLO sabe.cs.wisc.edu") by vger.kernel.org with ESMTP id S263587AbTLYGD0 (ORCPT ); Thu, 25 Dec 2003 01:03:26 -0500 Message-ID: <3FEA7D2C.7080303@cs.wisc.edu> Date: Wed, 24 Dec 2003 22:01:16 -0800 From: raj User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2.1) Gecko/20030225 X-Accept-Language: en-us, en MIME-Version: 1.0 To: linux-kernel@vger.kernel.org Subject: RFC - Kernel Process Firewall Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Folks, I have been working on a project called "Kernel Process Firewall (KPF)" that is nearing completion. The goal of the project is to provide users the ability to trace, monitor and control the system calls made by any process. I expect KPF to be of great value to system administrators, security analysts and researchers in general and solicit your comments. Some of you may have seen version 0.1 of the RFC which I mailed out earlier this month, just before I started work on the project. I have added more details in version 0.2, which is available from http://www.cs.wisc.edu/~raj/comminst/RFC If any of you'd be interested in accessing the code, I'll make it available. Thanks in advance, Raj