| 摘要 |
Some embodiments of a method and an apparatus to a method and an apparatus to implement secure system call wrapper have been presented. In one embodiment, a system call wrapper is used to validate parameters of a system call directed to a kernel from a user-space process. The user-space process supplies the parameters of the system call. The parameters are protected from being accessed by processes in the user-space after the parameters have been validated.
|
