From owner-soc-status@FreeBSD.ORG Mon Jun 6 16:57:40 2011 Return-Path: Delivered-To: soc-status@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BDE42106566B for ; Mon, 6 Jun 2011 16:57:40 +0000 (UTC) (envelope-from aalvarez@aliensoft.net) Received: from mail-gw0-f54.google.com (mail-gw0-f54.google.com [74.125.83.54]) by mx1.freebsd.org (Postfix) with ESMTP id 88FF88FC16 for ; Mon, 6 Jun 2011 16:57:40 +0000 (UTC) Received: by gwb15 with SMTP id 15so2237596gwb.13 for ; Mon, 06 Jun 2011 09:57:39 -0700 (PDT) Received: by 10.101.178.18 with SMTP id f18mr3799651anp.115.1307377992105; Mon, 06 Jun 2011 09:33:12 -0700 (PDT) MIME-Version: 1.0 Received: by 10.100.118.4 with HTTP; Mon, 6 Jun 2011 09:32:52 -0700 (PDT) X-Originating-IP: [200.88.151.41] From: Alan Alvarez Date: Mon, 6 Jun 2011 12:32:52 -0400 Message-ID: To: soc-status@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 Subject: [Path-based filesystem MAC Policy] Weekly status report (Week #1 and #2) X-BeenThere: soc-status@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Summer of Code Status Reports and Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jun 2011 16:57:40 -0000 Hello All, I'm sorry for not sending out last week's status report. In this email I will include what happened in the last two weeks. During week 1 I spent most of the time setting up my dev environment and a build/test server. Also, getting more familiar with the mac_bsdextended module, the libugidfw library and the ugidfw userland tool. I was trying to figure out better ways to accomplish the goal of the project than what I first proposed in my application. And I believe I did. Instead of keeping a hash table, what I'm currently doing is resolving the path when a new entry is made, and getting the file's id and filesystem id and matching those when a check needs to be made. There is still one outstanding issue, and that is that I will need to keep track of files changes and update policy entries. On week 2 I started working on the code. I've modified the mac_bsdextended module to accept and resolve path-based policies. Also, to perform permission checks on these policies. What I have planned for week 3 is to modify libugidfw and the userland ugidfw tool to allow users to enter path-based rules. The project's wiki URL is [1]. The project's SVN repository is at [2]. If you have any questions or comments please send me an email at this address. - [1] http://wiki.freebsd.org/PbMacPolicyGSoC2011 - [2] https://socsvn.freebsd.org/socsvn/soc2011/aalvarez/pbmac -- regards, Alan Alvarez