Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 8 Apr 2003 21:27:19 +0200
From:      Pawel Jakub Dawidek <nick@garage.freebsd.pl>
To:        Steffen Mazanek <Steffen.Mazanek@unibw-muenchen.de>
Cc:        freebsd-hackers@freebsd.org
Subject:   Re: Idea related to UNIX directories
Message-ID:  <20030408192718.GP1280@garage.freebsd.pl>
In-Reply-To: <86vfxpmov5.fsf@pseiko.studfb.unibw-muenchen.de>
References:  <86vfxpmov5.fsf@pseiko.studfb.unibw-muenchen.de>

next in thread | previous in thread | raw e-mail | index | archive | help

--7L9kolmstoDTZ4pm
Content-Type: text/plain; charset=iso-8859-2
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Apr 08, 2003 at 09:26:22AM +0200, Steffen Mazanek wrote:
+> I think it would be quit useful to allow some=20
+> code to be related to e.g. the i-nodes of directories.
+> Consider therefore an example. At first, all
+> directories have a default assignment to save
+> memory. This default assignment may realize
+> permission related stuff. Now some privileged users
+> have the permission to add their own code, which
+> must implement an interface and some standard=20
+> functions and in addition they are able to trigger
+> some events, e.g. write something to a log-file
+> whenever a user enters the directory or start=20
+> an application.
+>=20
+> What do you think about this idea? Is it feasible
+> at all?

You can try CerbNG, it provides much more than you want.

	http://cerber.sourceforge.net

There is policy that privide logging of execve() calls with arguments
and all interesting process informations:

	http://cerber.sourceforge.net/policies/log-exec.cb

You can write policy that will log interesting events with some prefix
and write program that will catch those logs and handle with catched
event.

If you give me some examples I could help you to write suitable policies.

--=20
Pawel Jakub Dawidek                       pawel@dawidek.net
UNIX Systems Programmer/Administrator     http://garage.freebsd.pl
Am I Evil? Yes, I Am!                     http://cerber.sourceforge.net

--7L9kolmstoDTZ4pm
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (FreeBSD)

iQCVAwUBPpMilj/PhmMH/Mf1AQFvywP+Ixfa/rjG15jjiYcy5FtXjNLwGtyq+oFI
a346DKLMU7una9hDcwPNY0yXi3KuTpc4T9TtKCthCnfNmoCzEgrRZ6qIoh8KdzIN
iyVbvuqu+y7ka5Vpc4eDvvDJvBsAnyEXkgMRzCLQ3b5UcYtrjAQMvWIPPa1CvxfQ
RcklyG4z4hY=
=Z5jT
-----END PGP SIGNATURE-----

--7L9kolmstoDTZ4pm--



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030408192718.GP1280>