Date: Mon, 6 Jun 2011 12:32:52 -0400 From: Alan Alvarez <aalvarez@aliensoft.net> To: soc-status@freebsd.org Subject: [Path-based filesystem MAC Policy] Weekly status report (Week #1 and #2) Message-ID: <BANLkTinZrbz2zPTLjjRjWWg_Sz=Qu_R2jg@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hello All,
I'm sorry for not sending out last week's status report. In this
email I will include what happened in the last two weeks.
During week 1 I spent most of the time setting up my dev environment
and a build/test server. Also, getting more familiar with the
mac_bsdextended module, the libugidfw library and the ugidfw userland
tool.
I was trying to figure out better ways to accomplish the goal of the
project than what I first proposed in my application. And I believe I
did. Instead of keeping a hash table, what I'm currently doing is
resolving the path when a new entry is made, and getting the file's id
and filesystem id and matching those when a check needs to be made.
There is still one outstanding issue, and that is that I will need to
keep track of files changes and update policy entries.
On week 2 I started working on the code. I've modified the
mac_bsdextended module to accept and resolve path-based policies.
Also, to perform permission checks on these policies.
What I have planned for week 3 is to modify libugidfw and the userland
ugidfw tool to allow users to enter path-based rules.
The project's wiki URL is [1]. The project's SVN repository is at [2].
If you have any questions or comments please send me an email at this address.
- [1] http://wiki.freebsd.org/PbMacPolicyGSoC2011
- [2] https://socsvn.freebsd.org/socsvn/soc2011/aalvarez/pbmac
--
regards,
Alan Alvarez
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?BANLkTinZrbz2zPTLjjRjWWg_Sz=Qu_R2jg>