As a guideline for setting up an RT task securely, consider the following scheme. It will not fit in all cases and will be simply wrong in others, but it should still give you an idea of how to approach the security-related issues of task management on an RT-Linux system.
- Make sure no unprivileged user may overwrite or modify any of the rt_modules (this is obvious, but who ever really checks /lib/modules for permissions?)
- Load the rt-modules at boot time
- Load rt-modules from the init script in an inactive state; that is, load the module and don't actually let it do anything except allocate all the resources it will need.
- Set the FIFO to be owned by an unprivileged user
- Send a command via FIFO to start the rt_module for your application and record it in syslog with a timestamp
- Timestamp all logging information produced by your rt-modules!
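
The permission check from the first item can be scripted. The following is an added example, not part of the original text: the function names are hypothetical, and it assumes modules live under /lib/modules and should be owned by root (uid 0).

```shell
#!/bin/sh
# Added example: find paths that would let an unprivileged user modify
# or replace rt-modules. Function names are illustrative.

# List entries inside the module tree that are group- or world-writable,
# or not owned by the expected uid (default 0, root).
# Symlinks are skipped because their own mode bits are not meaningful.
unsafe_in_tree() {
    find "$1" ! -type l \
        \( -perm -020 -o -perm -002 -o ! -user "${2:-0}" \) -print
}

# List ancestor directories that are group- or world-writable without the
# sticky bit. Write access there allows renaming the module tree and
# putting another one in its place, even if every file inside is read-only.
unsafe_ancestors() {
    dir=$(cd "$1" && pwd -P) || return 2
    while [ "$dir" != "/" ]; do
        dir=$(dirname "$dir")
        find "$dir" -prune \( -perm -020 -o -perm -002 \) ! -perm -1000 -print
    done
}

# Print all findings; return 0 when the tree is clean, 1 otherwise.
# Intended use from an init script, before any rt-module is loaded:
#   audit_module_tree /lib/modules || exit 1
audit_module_tree() {
    findings=$(unsafe_in_tree "$1" "${2:-0}"; unsafe_ancestors "$1")
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}
```

Running the audit from the same init script that loads the modules means a loosened permission is caught at every boot, not only at install time.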
Der Herr Hofrat
2002-03-08