Idea related to UNIX directories
Pawel Jakub Dawidek
nick at garage.freebsd.pl
Tue Apr 8 12:27:20 PDT 2003
On Tue, Apr 08, 2003 at 09:26:22AM +0200, Steffen Mazanek wrote:
+> I think it would be quit useful to allow some
+> code to be related to e.g. the i-nodes of directories.
+> Consider therefore an example. At first, all
+> directories have a default assignment to save
+> memory. This default assignment may realize
+> permission related stuff. Now some privileged users
+> have the permission to add their own code, which
+> must implement an interface and some standard
+> functions and in addition they are able to trigger
+> some events, e.g. write something to a log-file
+> whenever a user enters the directory or start
+> an application.
+>
+> What do you think about this idea? Is it feasible
+> at all?
You can try CerbNG, it provides much more than you want.
http://cerber.sourceforge.net
There is policy that privide logging of execve() calls with arguments
and all interesting process informations:
http://cerber.sourceforge.net/policies/log-exec.cb
You can write policy that will log interesting events with some prefix
and write program that will catch those logs and handle with catched
event.
If you give me some examples I could help you to write suitable policies.
--
Pawel Jakub Dawidek pawel at dawidek.net
UNIX Systems Programmer/Administrator http://garage.freebsd.pl
Am I Evil? Yes, I Am! http://cerber.sourceforge.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 305 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-hackers/attachments/20030408/becff925/attachment.bin
More information about the freebsd-hackers
mailing list