After a bit of a break while changing jobs (and moving to DC),
here is 0.10. 2.4.X (tested up to 2.4.2) works on this version
(SMP also).
Also, a Perl-based parser is included to facilitate the creation of the rulebase from all
that learning output! (YEA! No more "By - Hand".) Combined
with the OVERRIDE option in the rulebase, daemon processes
may be included under the protective umbrella (READ: Remote Root Exploits)....

More changes, and compile failures on some Linux systems.
Changes include:
1. Include file <sys/mman.h> changed to <linux/mman.h>
2. The Makefile now explicitly defines where the Linux include
files are. This fixes a major crapping out when the include
files were expected to be found in /usr/include/linux.
If your Linux kernel tree is not under /usr/src/linux, you will
need to modify the Makefile appropriately. ...

Here is what is known so far:
It appears that there are compile problems on Mandrake,
Debian, and (no confirmation) Redhat 7 systems.
There are 2 changes that can be made to get them
to compile. I am still working on the 'why' for one
of them, since it doesn't seem to make much sense.
(You'll understand in a moment.)
1. Edit the StJude_response_default.c file, changing
the #include <sys/mman.h> line to read #include <linux/mman.h>...

I have gotten a couple of reports of compile warnings
and errors from individuals. It appears there is some
interaction between the versions of glibc and the
kernel. At this time I am trying to determine a matrix
to allow me to determine how best to accommodate the
various versions.
If you experience any compile warnings with the default
compile, please email me the warnings/problems along
with:
-- Version of Kernel you are running.
-- Glibc Version...

This release fixes problems in 0.05 that would cause
compiles to fail -- i.e., I pulled a DOH!
Changes include inclusion of the Redhat 7.0 patch and an
alternate response method - redirection of execution.
See the Changes file for information.

A patch for StJude_LKM has been added to the patch
manager. This patch is needed in order to compile StJude
on a Redhat 7.0 system.
The spinlock.h file in Redhat 7 references some symbols that
are not present on non-SMP systems. This seems to be an
issue with the spinlock.h file included with Redhat 7, and possibly the GCC developmental tree.
The patch is around 800 bytes and defines out the include
line for non-SMP systems....

This release of Saint Jude Linux Kernel Module marks the first release of this project on SourceForge.
This update addresses an ornery bug that would arise when a privileged process called a setuid-non-root program that
subsequently would try to run a setuid-root program. The results would not behave as expected, and usually would result in the setuid-root program being flagged in violation when in fact it was not....