Re: [Dazuko-devel] 2.3.1-pre1 posted

From: John Ogness
Subject: Re: [Dazuko-devel] 2.3.1-pre1 posted
Date: Wed, 16 Aug 2006 23:00:01 +0200
User-agent: Debian Thunderbird 1.0.2 (X11/20060724)

Tikka, Sami wrote:
> One other thing that kind of bothers me is that dazuko (when using syscall
> hooking) reports file accesses for non-existent files. 

It's interesting that you complain about this. This is actually a feature
(which was a *lot* of work) which was introduced in Dazuko 2.0.3 for
FreeBSD 4 and later ported to FreeBSD 5 and Linux 2.4 for Dazuko 2.1.0.
Since the Linux 2.6 syscall hooking is based on the Linux 2.4 codebase,
it naturally also has this feature.

The feature was added because people wanted to know about events
*before* files are opened (probably to implement some form of user
rights management).

> When dazuko is using LSM, it only reports OPEN and EXEC events for successful
> file opens or executions, which makes life a bit easier for the dazuko
> daemon.

This is because LSM doesn't provide information for files that do not
exist. Since Dazuko is supposed to report all events, I actually
consider this a bug for Dazuko with LSM.

> Could dazuko allow the open syscall to first complete and only if it is
> successful, ask the dazuko daemon if the result can be returned to the user
> or not?

Actually, Dazuko knows well before the real open() that the file doesn't
exist. Dazuko does a lot of work to figure out what the path *will* be.
It would be quite simple to move this logic behind an #ifdef and provide
a configure option for it. But I do not want to turn it off by default
because it is a feature that was requested by users and developers.

John Ogness

Dazuko Maintainer
