tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: what keylock(4) actually does for netbsd?

Am 10.08.2009 um 08:40 schrieb matthew green:

  I described the purpose of keylocks in my first post.

what i have not yet seen described is what keylocks mean to netbsd.
you've got a secmodel.  what does it do?  what operations is it
hooked into?  how can i use this code?

That is the experimental part. Right now it somewhat mimics the securelevel secmodel. The intention is to work with this and refine the secmodel over time. Controlling kernel level security using a hardware device is a new concept and needs some experimentation and research. That is the reason why I keep saying it is experimental.

The idea is that maybe two or three people could become interested in this and buy locks and hook them to a system. And while you "play" with it you'll find suddenly what key positions could mean wrt security.

The code actually has two "outputs": One interface is inside the kernel, for e.g. the secmodel_keylock to query the state, the second interface are sysctl variables that allow the lock state to be queried from userland.

what's the actual use case you have in mind?

Rigth now two very specific ones:

a) POS terminals where the keylock defines the level you have on the system.

b) A system with two locks that only can be operated when both locks are in the right position (with two people having a key each). Maybe a firewall whose rules can only be changed if the keys are in a certain position. Actually two locks are not supported yet, that would be one of the next steps.

And a third use case I wanted to use this in a workshop next week to demonstrate a few things, but I will drop that, I guess.

please reply on tech-kern -- i know that several others have been
asking the same questions (including on that list) and it would
be good to get the answer for everyone.

tech-kern CC'ed as per your request.

Home | Main Index | Thread Index | Old Index