[Dazuko-devel] 2.0.3-pre3 posted

[John Ogness]

Hi,

A new pre-release for Dazuko has been posted. This version includes full 
Perl and Python support! The example program has been implemented in 
each language to help show how it works. You can find the various 
examples in the appropriate example_{language} sub-directories. You will 
need to run ./configure with the appropriate flags in order to have the 
various Makefiles generated. See `./configure --help' for a list of all 
the available options.

Linux Default Capabilities is now handled differently. Rather than 
trying to mirror the Linux 2.6 Capabilities development, the configure 
script will now copy the actual contents of the capability_ops structure 
directly from the kernel source code. I am not happy with the current 
LSM situation, but I have something new under development that should 
prove to be a better solution (explained next).

I have recently come into contact with Erez Zadok, an assistant 
professor at Stony Brook University in New York. Over the past few years 
he has done a great deal of work on stackable file systems. Many of his 
papers can be found at:

http://www.fsl.cs.sunysb.edu/project-fist.html

In the upcoming USENIX Security Symposium he will be presenting a paper 
on a new stackable filesystem called Avfs (On-Access Anti-Virus File 
System).

http://www.fsl.cs.sunysb.edu/project-antivirusfs.html

Using these concepts (particulary those of the FiST project), it should 
be possible to implement Dazuko as a stackable file system rather than 
hooking system calls. This would not only solve all the LSM frustrations 
with Linux 2.6, but would also help Dazuko earn respect in the kernel 
development community.

John Ogness

--
Dazuko Maintainer