[Path-based filesystem MAC Policy] Weekly status report (Week #1
and #2)
Alan Alvarez
aalvarez at aliensoft.net
Mon Jun 6 16:57:40 UTC 2011
Hello All,
I'm sorry for not sending out last week's status report. In this
email I will include what happened in the last two weeks.
During week 1 I spent most of the time setting up my dev environment
and a build/test server. Also, getting more familiar with the
mac_bsdextended module, the libugidfw library and the ugidfw userland
tool.
I was trying to figure out better ways to accomplish the goal of the
project than what I first proposed in my application. And I believe I
did. Instead of keeping a hash table, what I'm currently doing is
resolving the path when a new entry is made, and getting the file's id
and filesystem id and matching those when a check needs to be made.
There is still one outstanding issue, and that is that I will need to
keep track of files changes and update policy entries.
On week 2 I started working on the code. I've modified the
mac_bsdextended module to accept and resolve path-based policies.
Also, to perform permission checks on these policies.
What I have planned for week 3 is to modify libugidfw and the userland
ugidfw tool to allow users to enter path-based rules.
The project's wiki URL is [1]. The project's SVN repository is at [2].
If you have any questions or comments please send me an email at this address.
- [1] http://wiki.freebsd.org/PbMacPolicyGSoC2011
- [2] https://socsvn.freebsd.org/socsvn/soc2011/aalvarez/pbmac
--
regards,
Alan Alvarez
More information about the soc-status
mailing list