T mode for subjects
Posted: Sat Jul 08, 2006 2:27 pmHi all 
First: I apologize for my bad english.
From gracldoc.pdf, in the section about subject modes:
What does it mean? I know what is a trojaned code (but maybe my definition differs) but how does grsecurity prevent the execution of a trojaned subject? Does it save a hash of the executable file and checks that it is not tampered when it is started?
I've checked the kernel source and it seems that it refers to the GR_NOTROJAN constant, but it seems that this constant isn't used anywhere in the code.
In brief: what does the T mode do to a subject?
Thank you all.
First: I apologize for my bad english.
From gracldoc.pdf, in the section about subject modes:
* T - Ensures this process can never execute any trojaned code
What does it mean? I know what is a trojaned code (but maybe my definition differs) but how does grsecurity prevent the execution of a trojaned subject? Does it save a hash of the executable file and checks that it is not tampered when it is started?
I've checked the kernel source and it seems that it refers to the GR_NOTROJAN constant, but it seems that this constant isn't used anywhere in the code.
In brief: what does the T mode do to a subject?
Thank you all.