[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Dazuko-devel] 2.0.6 released
From: |
Sami Tikka |
Subject: |
Re: [Dazuko-devel] 2.0.6 released |
Date: |
Wed, 23 Mar 2005 10:26:34 +0200 |
User-agent: |
Mozilla Thunderbird 1.0 (X11/20050103) |
Calin A. Culianu wrote:
Yeah, although for now the poor man's solution (which is what I did) is
just to do the work yourself in your application of determining who you
trust, etc based on things like executable name or process group id,
etc. It's slower though, definitely, as you have all that context
switch overhead.. but for anyone that needs it working now, it is better
than nothing...
I also have a dazuko application that needs to talk to another deamon
via a unix domain socket and the other daemon generates more dazuko
requests.
I have a two-pronged approach:
1) I ship a patched version of dazuko that allows me to exclude
processes based on their PID and
2) Just in case the dazuko is not patched, I will check /proc/PID/exe to
figure out if the "other daemon" caused this disk access. But to be
safe, this means I always need to have free threads waiting in
dazukoGetAccess_TS() (and how exactly do you make sure you have enough
free threads? :)
I am very happy that John is making good progress with the trusted
application framework in dazuko 2.1.0. I hope to eventually stop
shipping dazuko with my application and just tell users to download the
standard dazuko and use that.
P.S. A somewhat-related question: If I have a threaded application (and
I do) and one or more of the threads register with dazuko, does dazuko
intercept file accesses of threads belonging to the same process but
have not registered with dazuko? (I have been working with the
assumption that dazuko intercepts all threads, regardless of process, if
they have not been registered.)
--
Sami Tikka tel: +358 9 2520 5115
Senior Software Engineer fax: +358 9 2520 5013
F-Secure Corporation http://www.F-Secure.com/
Be Sure.
- [Dazuko-devel] 2.0.6 released, John Ogness, 2005/03/20
- Re: [Dazuko-devel] 2.0.6 released, Calin A. Culianu, 2005/03/21
- Re: [Dazuko-devel] 2.0.6 released, John Ogness, 2005/03/22
- Re: [Dazuko-devel] 2.0.6 released, Calin A. Culianu, 2005/03/22
- Re: [Dazuko-devel] 2.0.6 released, John Ogness, 2005/03/22
- Re: [Dazuko-devel] 2.0.6 released, Calin A. Culianu, 2005/03/22
- Re: [Dazuko-devel] 2.0.6 released, John Ogness, 2005/03/23
- Re: [Dazuko-devel] 2.0.6 released, Calin A. Culianu, 2005/03/23
- Re: [Dazuko-devel] 2.0.6 released,
Sami Tikka <=
- Re: [Dazuko-devel] 2.0.6 released, John Ogness, 2005/03/23
- Re: [Dazuko-devel] 2.0.6 released, Calin A. Culianu, 2005/03/27
- Re: [Dazuko-devel] 2.0.6 released, Calin A. Culianu, 2005/03/27
- Re: [Dazuko-devel] 2.0.6 released, Calin A. Culianu, 2005/03/27