RE: [Dazuko-devel] 2.1.0-pre3 posted

[Tikka, Sami]

>-----Original Message-----
>From: address@hidden 
>
>Other than that, I feel that the current 2.1.0-pre3 is ready. But I am 
>anxious to get some feedback about TAF (trusted application 
>framework). 
>This is a feature that has been heavily requested by the developers of 
>Dazuko-based applications. I want to make sure that it's been 
>implemented in a way that will make everyone happy (if such a thing is 
>possible).

Based on quick reading of README.trusted I would be happy with TAF with one
addition.

README.trusted did not specify what happens when a trusted process dies
without calling dazukoUnregisterTrusted(). Does the dazuko driver detect the
death and remove the process from the list of trusted processes (this might
be impossible)? Or is it up to the registered process(es) to monitor the
trusted process(es) and tell dazuko to no longer trust it if it should die
unexpectedly? This would work very well when the registered process is the
parent of the trusted process. AFAIK the parent process is the only one who
is notified when a process dies.

However, there is no API call to remove trust from one process, there is just
dazukoRemoveAllTrusted()

I think it would make sense to add a call like:
int dazukoRemoveTrusted(pid_t trusted_pid)

I would also like to be able to place trust on a process that is not
dazuko-aware, but I can make them dazuko-aware if the API stays as it is.

-- 
Sami Tikka                tel. +358 9 2520 5115 
senior software engineer  fax. +358 9 2520 5014
                          mobile +358 40 7379388
F-Secure Corporation      http://www.f-secure.com
BE SURE