Subject: Re: Veriexec enabled by default
To: YAMAMOTO Takashi <email@example.com>
From: Elad Efrat <elad@NetBSD.org>
Date: 10/27/2006 17:44:00
YAMAMOTO Takashi wrote:
> in the case of vn_open, i think following apple's KAUTH_SCOPE_VNODE is
> the best bet.
okay, so we add the vnode scope. problem is, the action on that scope
is a bitfield of acl requests. do you want me to follow that design with
our vnode scope?
if yes, we can use the following actions:
we're missing however an action for "rename".
> btw, why veriexec cares namespace operations like rename?
> it associates fingerprints to filehandles, which are not affected by rename,
> doesn't it?
yes, it doesn't really care about the filename. it uses the name to
indicate that a monitored file was renamed or prevent renaming it (the
latter may be required in, say, ips mode, or lockdown mode for