To manage the process of loading new programs AppCL LSM will use the LSM program loading hooks that mediate program loading. The ‘linux_binprm’ structure represents a new program being loaded during an execve.
Initially the ‘bprm_set_creds’ hook is initialised as shown below. Currently the path name for the loading program is identified (fpath_name) through the ‘linux_binprm’ structure.
The screenshot below shows the output from the kernel log when running a number of command line programs. The path name for each program is identified and detailed below.
Program ‘tail‘ : Path ‘/usr/bin/tail‘
Program ‘ls‘ : Path ‘/bin/ls‘
Program ‘cat‘ : Path ‘/bin/cat‘
The path name of a program on the system can act as a program specific identifier to allow AppCL LSM to identify programs and mediate privileges based on this.
To view the public git for this project visit: