[Qemu-devel] syscall filtering

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] syscall filtering

From:	Magnus Damm
Subject:	[Qemu-devel] syscall filtering
Date:	Tue, 23 Nov 2004 15:19:15 +0100

Hello,

While Piotrek is thinking about securing the system emulator, I am more
interested in syscall filtering. I have not thought about it too much,
but the idea (if possible) would be to run qemu as a filter for certain
binaries on your machine. Basically, you run i386-user with filters on a
i386 machine.

fakeroot-replacement:
---------------------
fakeroot is nice, but is only working for dynamically linked binaries.
Using the qemu user emulator to filter syscalls would make it possible
to have a fakeroot that works for any binary. As long as the binary
doesn't try to do any root-activities in the kernel that is.

securing scripts:
-----------------
Trojans hiding in configure-scripts, how fun is that? Remember?
http://www.mavetju.org/unix/openssh-trojan.php
By executing the configure script (and all children) in an environment
that detects and disables network activity I would feel safe(r).

/ magnus

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] syscall filtering, Magnus Damm <=
- Re: [Qemu-devel] syscall filtering, Paul Brook, 2004/11/23
- Re: [Qemu-devel] syscall filtering, J. Mayer, 2004/11/23
  - [Qemu-devel] Re: syscall filtering, Ben Pfaff, 2004/11/23
  - Re: [Qemu-devel] syscall filtering, Philipp Gühring, 2004/11/24

Prev by Date: Re: [Qemu-devel] building a virus-proof PC with Qemu
Next by Date: Re: [Qemu-devel] syscall filtering
Previous by thread: [Qemu-devel] building a virus-proof PC with Qemu
Next by thread: Re: [Qemu-devel] syscall filtering
Index(es):
- Date
- Thread