headers
John Ogness | 2 Mar 2005 22:03
Picon

2.0.6-pre1 posted

Hi,

With the release of Linux 2.6.11 comes another change in the LSM API. In 
order to properly support stacking, Dazuko needs to implement the entire 
LSM API. For this reason a new pre-release (2.0.6-pre1) has been posted.

I am no longer actively working on the 2.0.x series, so this is just a 
minor change to support Linux 2.6.11. Unless someone reports a problem, 
this will most likely become the official 2.0.6 version.

On a side note, I am just about ready to post a new pre-release of 
2.1.0, which will have full support for trusted applications. This will 
allow processes to register with Dazuko but not be required to perform 
file access control. This is particulary useful for anti-virus software, 
where the scanning process may not the same process as the file access 
control process.

John Ogness

--

-- 
Dazuko Maintainer
Permalink | Reply |
headers
Calin A. Culianu | 18 Mar 2005 16:11

Re: 2.0.6-pre1 posted


>
> On a side note, I am just about ready to post a new pre-release of 2.1.0, 
> which will have full support for trusted applications. This will allow 
> processes to register with Dazuko but not be required to perform file access 
> control. This is particulary useful for anti-virus software, where the 
> scanning process may not the same process as the file access control process.
>

This seems pretty useful.  I am actually trying to implement a file access 
control daemon that talks to clamd for virus scanning (I find clamd's 
clamuko facility lacking some performance features).  Anyway it would be 
nice to be able to get the entire clamd group of processes (they are all 
threads) to be 'trusted' and not create dazuko events.  Is it possible to 
indicate that a whole process group is trusted with 2.1.0-birthday?  I 
guess I should grok the sources and see...

-Calin
Permalink | Reply |
headers
John Ogness | 18 Mar 2005 16:57
Picon

Re: 2.0.6-pre1 posted

Calin A. Culianu wrote:
> I am actually trying to implement a file 
> access control daemon that talks to clamd for virus scanning (I find 
> clamd's clamuko facility lacking some performance features).  Anyway it 
> would be nice to be able to get the entire clamd group of processes 
> (they are all threads) to be 'trusted' and not create dazuko events.  Is 
> it possible to indicate that a whole process group is trusted with 
> 2.1.0-birthday?

Hi,

Trusted apps are not supported in the 2.1.0-birthday (pre2) version. It is 
only available through CVS right now. But this weekend I plan on posting 
pre3, which has the complete trusted app API. I still need to write 
documentation and an example program to demonstrate how to use the trusted 
app interface.

John Ogness

--

-- 
Dazuko Maintainer
Permalink | Reply |

Gmane