linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* FileSystem Filter Driver
@ 2003-04-23 10:28 Nir Livni
  2003-04-23  1:05 ` Antonio Vargas
                   ` (2 more replies)
  0 siblings, 3 replies; 15+ messages in thread
From: Nir Livni @ 2003-04-23 10:28 UTC (permalink / raw)
  To: linux-kernel; +Cc: Nir L

Hi all,
I am looking for information about writing a FileSystem Filter Driver on RH.
Any documentation or source code samples whould be appreciated.

Please make sure you CC' me on any answer for this post, because I am not
registered (yet ?)

Thanks,
Nir




^ permalink raw reply	[flat|nested] 15+ messages in thread
* Re: FileSystem Filter Driver
@ 2003-04-23 19:12 Chuck Ebbert
  0 siblings, 0 replies; 15+ messages in thread
From: Chuck Ebbert @ 2003-04-23 19:12 UTC (permalink / raw)
  To: linux-kernel

Valdis.Kletnieks wrote:

.> Proper kernel auditing is harder than it looks.  Check the LSM mailing list
.> archives for the last attempt to get auditing into the kernel - the idea
.> was basically dropped.
.> ...<snip>...


  In addition to all the points you covered, you also have to figure
out what to do if the log medium fills up or fails.  In a high security
environment the only thing you can do is panic the system immediately,
because (unaudited) bad things might already be happening.  You also
have to configure the system so it will not boot into multiuser
mode if the log has failed.  (And *then* you get to deal with clueless
admins who will disable that feature in their desperation to get
the system up and running, but that's not really a technical problem.)

------
 Chuck

^ permalink raw reply	[flat|nested] 15+ messages in thread
* RE: FileSystem Filter Driver
@ 2003-04-29 13:35 Nir Livni
  0 siblings, 0 replies; 15+ messages in thread
From: Nir Livni @ 2003-04-29 13:35 UTC (permalink / raw)
  To: linux-kernel

Thanks Muli,
Your answer has been a great help

Nir

-----Original Message-----
From: Muli Ben-Yehuda [mailto:mulix@mulix.org] 
Sent: Wednesday, April 23, 2003 3:22 PM
To: Nir Livni
Cc: linux-kernel@vger.kernel.org
Subject: Re: FileSystem Filter Driver

On Wed, Apr 23, 2003 at 02:20:38PM +0200, Nir Livni wrote:

> My goal is to write a driver that runs above the filesystem driver, 
> and filters calls to this driver. Actually, it should pass all calls 
> to the filesystem driver, except very few that it should fail for 
> "Access Denied". Are there any simple examples for that matter ?

A. Sounds like it could be implemented using the LSM (linux security
modules) framework, assuming the appropriate hooks are in place. 

B. The May 2003 Linux Journal issue has an article on "Writing Stackable
Filesystems" by Erez Zadok, which might fit your needs better.

Hope this helps, 
Muli. 
-- 
Muli Ben-Yehuda
http://www.mulix.org




^ permalink raw reply	[flat|nested] 15+ messages in thread

end of thread, other threads:[~2003-04-29 13:32 UTC | newest]

Thread overview: 15+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2003-04-23 10:28 FileSystem Filter Driver Nir Livni
2003-04-23  1:05 ` Antonio Vargas
2003-04-23 12:20   ` Nir Livni
2003-04-23 12:22     ` Muli Ben-Yehuda
2003-04-23 10:08 ` Abhishek Agrawal
2003-04-23 11:47   ` Michael Knigge
2003-04-23 12:11     ` Abhishek Agrawal
2003-04-23 16:11       ` joe briggs
2003-04-23 15:48     ` Leonard Milcin, Jr
2003-04-23 16:21       ` Valdis.Kletnieks
2003-04-23 12:58   ` Nir Livni
2003-04-23 11:53 ` Rogier Wolff
2003-04-23 14:27   ` William Stearns
2003-04-23 19:12 Chuck Ebbert
2003-04-29 13:35 Nir Livni

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).