RE: [Dazuko-devel] 2.3.1-pre1 posted

dazuko-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Dazuko-devel] 2.3.1-pre1 posted

From:	Tikka, Sami
Subject:	RE: [Dazuko-devel] 2.3.1-pre1 posted
Date:	Wed, 16 Aug 2006 23:23:00 +0300

One other thing that kind of bothers me is that dazuko (when using syscall
hooking) reports file accesses for non-existent files. 

For example, if a perl interpreter is looking for a file in its @INC path
list, it simply tries to open the file in every one of those directories.
Dazuko faithfully reports all of these OPEN events.

One might think that a dazuko daemon simply needs to stat() the path given by
dazuko to figure out if the file exists or not, but that's not always
possible. The file might be on an NFS server or on some other file system
where you have to run in the context of the user to even see the file.

When dazuko is using LSM, it only reports OPEN and EXEC events for success
file opens or executions, which makes life a bit easier for the dazuko
daemon.

Could dazuko allow the open syscall to first complete and only if it is
successful, ask the dazuko daemon if the result can be returned to the user
or not?

-- Sami

[Prev in Thread]

Current Thread

[Next in Thread]

[Dazuko-devel] 2.3.1-pre1 posted, John Ogness, 2006/08/12
- RE: [Dazuko-devel] 2.3.1-pre1 posted, Tikka, Sami, 2006/08/16
  - Re: [Dazuko-devel] 2.3.1-pre1 posted, John Ogness, 2006/08/16
- RE: [Dazuko-devel] 2.3.1-pre1 posted, Tikka, Sami <=
  - Re: [Dazuko-devel] 2.3.1-pre1 posted, John Ogness, 2006/08/16

Prev by Date: RE: [Dazuko-devel] 2.3.1-pre1 posted
Next by Date: Re: [Dazuko-devel] 2.3.1-pre1 posted
Previous by thread: Re: [Dazuko-devel] 2.3.1-pre1 posted
Next by thread: Re: [Dazuko-devel] 2.3.1-pre1 posted
Index(es):
- Date
- Thread