Re: [Dazuko-devel] 2.0.6 released

[Sami Tikka]

Calin A. Culianu wrote:
> Yeah, although for now the poor man's solution (which is what I did) is 
> just to do the work yourself in your application of determining who you 
> trust, etc based on things like executable name or process group id, 
> etc.  It's slower though, definitely, as you have all that context 
> switch overhead.. but for anyone that needs it working now, it is better 
> than nothing...

I also have a dazuko application that needs to talk to another deamon 
via a unix domain socket and the other daemon generates more dazuko 
requests.

I have a two-pronged approach:

1) I ship a patched version of dazuko that allows me to exclude 
processes based on their PID and

2) Just in case the dazuko is not patched, I will check /proc/PID/exe to 
figure out if the "other daemon" caused this disk access. But to be 
safe, this means I always need to have free threads waiting in 
dazukoGetAccess_TS() (and how exactly do you make sure you have enough 
free threads? :)

I am very happy that John is making good progress with the trusted 
application framework in dazuko 2.1.0. I hope to eventually stop 
shipping dazuko with my application and just tell users to download the 
standard dazuko and use that.


P.S. A somewhat-related question: If I have a threaded application (and 
I do) and one or more of the threads register with dazuko, does dazuko 
intercept file accesses of threads belonging to the same process but 
have not registered with dazuko? (I have been working with the 
assumption that dazuko intercepts all threads, regardless of process, if 
they have not been registered.)

--
Sami Tikka                          tel: +358 9 2520 5115
Senior Software Engineer            fax: +358 9 2520 5013
F-Secure Corporation                http://www.F-Secure.com/
Be Sure.