Hooking a system call.

Hooking a system call. · V.Ravikumar <hidden> · 2012-03-26
Hooking a system call. · Mulyadi Santosa <hidden> · 2012-03-26
Hooking a system call. · V.Ravikumar <hidden> · 2012-03-26
Hooking a system call. · Mulyadi Santosa <hidden> · 2012-03-26
Hooking a system call. · peter.senna@gmail.com (Peter Senna Tschudin) · 2012-03-26
Hooking a system call. · Javier Martinez Canillas <hidden> · 2012-03-26
Hooking a system call. · Ravishankar <hidden> · 2012-03-26
Hooking a system call. · richard -rw- weinberger <hidden> · 2012-03-26
Hooking a system call. · Fredrick <hidden> · 2012-03-26
Hooking a system call. · V.Ravikumar <hidden> · 2012-03-28
Hooking a system call. · rohan puri <hidden> · 2012-03-28

From: Mulyadi Santosa <hidden>
Date: 2012-03-26 07:48:54

Hi...

On Mon, Mar 26, 2012 at 11:45, V.Ravikumar [off-list ref] wrote:

As part of auditing purpose I need to intercept/hook open/read/write system
calls.

As I was lack of knowledge into kernel development.Could somebody help me
out here ?
I'm working on RHEL-5 machine with Linux kernel version 2.6.18
Thanks & Regards,
Ravi

IMHO you better use SystemTap, which is based on Kprobes. It can be
used to hook into almost every part of kernel system, with very less
overhead.

-- 
regards,

Mulyadi Santosa
Freelance Linux trainer and consultant

blog: the-hydra.blogspot.com
training: mulyaditraining.blogspot.com

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help