Re: [Dazuko-devel] Comments on TAF
From: Calin A. Culianu
Subject: Re: [Dazuko-devel] Comments on TAF
Date: Mon, 28 Mar 2005 10:34:03 -0500 (EST)

On Sun, 27 Mar 2005, John Ogness wrote:

> > I like the TAF, but do you think it could be modified to be easier to use
> > with apps that aren't aware of dazuko?
> > I.e., it would be nice to make apps that have no concept of dazuko be
> > trusted. Apps you didn't write and don't have the source code to.
>
> Hmmm. Trusting an application that you didn't write? Can such an application
> really be trusted? Having trusted access is an enormous privilege.

Good point. :) Trusting the apps isn't then a good way to categorize them
or think about them. However I am glad you do think ignoring certain
categories of events is a good idea.

> What about something like:
>
>     dazukoAddExcludeEvent(struct dazuko_access *);
>
> Here an actual event is specified that should be used as an exclude mask. You
> could specify just a path, in which case it is identical to
> dazukoAddExcludePath(), or you could specify many attributes that are
> combined to create a mask.
>
> These are just ideas for the moment. I need to think about this a bit.

Yes! I am really happy you agree that it could be a powerful feature!!

The above call actually would be enough, since the dazuko_access
struct does represent all the information we would/could desire to mask
out.

However if you think of it another way, perhaps masking IN is also useful
in some situations. For instance, what if you wanted only events from a
certain UID? Or from a certain PID? Starting with a mask that excludes
everything, then explicitly masking in UID XXX could be useful to some
apps that use dazuko (like mine! ;) ).

Expanding on your dazukoAddExcludeEvent() idea, here's one possible API way
to represent this:

    /* somewhere in dazukoio.h: */
    #define DAZUKO_EXCLUDE_ALL ((const struct dazuko_access *)(0x1))

    /* .... somewhere in a dazuko program ... */
    dazukoAddExcludeEvent(DAZUKO_EXCLUDE_ALL); /* special pointer
                                                  indicates to dazuko to
                                                  exclude all events */
    {
        /* at this point we want to start specifying an include mask */
        struct dazuko_access myaccess;
        memset(&myaccess, 0, sizeof(myaccess));
        myaccess.uid = 1001;
        myaccess.set_uid = 1;
        myaccess.filename = (char *)"/home/bob";
        dazukoAddIncludeEvent(&myaccess);
        /* at this point dazuko will generate events from uid 1001(bob)
           in path /home/bob */
    }
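
The exclude-all-then-include evaluation proposed in this message, as an added example that is not part of the original post and is not Dazuko code. The `access_mask` and `filter` types, the `set_filename` flag, the rule that an include mask overrides the exclude, and the component-boundary path match are all assumptions made for illustration.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical stand-in for the dazuko_access fields used in the message;
   a set_* flag of 0 means "any value". Not Dazuko's real struct layout. */
struct access_mask {
    int uid;              char set_uid;
    const char *filename; char set_filename;   /* set_filename is assumed */
};

/* Prefix test on component boundaries: /home/bob must not cover /home/bobby. */
static int path_under(const char *prefix, const char *path)
{
    size_t n = strlen(prefix);
    while (n > 1 && prefix[n - 1] == '/')
        n--;                                   /* ignore trailing slashes */
    if (n == 0 || strncmp(prefix, path, n) != 0)
        return 0;
    return path[n] == '\0' || path[n] == '/' || prefix[n - 1] == '/';
}

/* An event matches a mask when every field the mask sets agrees with it. */
static int mask_matches(const struct access_mask *m, int uid, const char *path)
{
    if (m->set_uid && m->uid != uid)
        return 0;
    return !m->set_filename || path_under(m->filename, path);
}

struct filter {
    int exclude_all;                     /* effect of DAZUKO_EXCLUDE_ALL */
    const struct access_mask *include;   /* masks added after the exclude */
    size_t n_include;
};

/* 1 if the event is delivered. Assumed semantics: include beats exclude. */
int event_reported(const struct filter *f, int uid, const char *path)
{
    if (!f->exclude_all)
        return 1;
    for (size_t i = 0; i < f->n_include; i++)
        if (mask_matches(&f->include[i], uid, path))
            return 1;
    return 0;
}

/* Constructed sample: exclude all, then include uid 1001 under /home/bob. */
static const struct access_mask bob_mask = { 1001, 1, "/home/bob", 1 };
static const struct filter bob_filter = { 1, &bob_mask, 1 };
int main(void) { return !event_reported(&bob_filter, 1001, "/home/bob/a"); }
```

A plain string-prefix comparison on the filename would also deliver events for /home/bobby, which is why the match stops at a path separator.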