Re: Using File Operation Scope (KAUTH_SCOPE_FILEOP)
- Subject: Re: Using File Operation Scope (KAUTH_SCOPE_FILEOP)
- From: Terry Lambert <email@hidden>
- Date: Tue, 29 Nov 2005 15:09:31 -0800
Primarily because antivirus/antispyware/security auditing/etc. tools
need to know when files have been touched and need to be (re)scanned
or have some other operation performed. The listener can be used for
other applications as well, but this was the primary design intent.
You could also implement a file operation listener for reporting
similar to the "DEVMON" utility for monitoring Windows FS operations
by process doing the operating, per the Doctor Dobb's Journal Article
"Examining the Windows 95 Layered File System" by Mark Russinovich and
Bryce Cogswell in the December 1995 issue (obviously, you'd want to
exempt the monitoring process from monitoring itself by identifying
who opens the monitoring device established by the monitor KEXT, if you
did this last one).
-- Terry
On Nov 29, 2005, at 9:26 AM, Oliver Donald wrote:
Thanks for the clarification! I found most of this out myself
reading the docs more carefully, but I was still interested to hear
why the FILEOP scope was only for notification.
Thanks again,
Oli
-----Original Message-----
From: Quinn [mailto:email@hidden]
Sent: 29 November 2005 17:18
To: email@hidden
Subject: Re: Using File Operation Scope (KAUTH_SCOPE_FILEOP)
At 10:29 +0000 29/11/05, Oliver Donald wrote:
But my main question is, why does the KAUTH_SCOPE_FILEOP scope not
allow me to deny?
That's just the way it's designed. KAUTH_SCOPE_FILEOP is for
notification, KAUTH_SCOPE_VNODE is for checking.
Is there any chance of this being implemented in the future?
No.
My second plan would be to use the KAUTH_SCOPE_VNODE scope, but
this is too late,
Why do you say that? Vnode scope authorization is requested when
the file is opened, not for each individual read or write (that
would be /way/ too expensive). A vnode scope listener is the
correct place to add extra security checks. In fact, the default
listener for the vnode scope is responsible for implementing the
system's built-in permissions checking.
S+E
--
Quinn "The Eskimo!" <http://www.apple.com/developer/>
Apple Developer Technical Support * Networking, Communications, Hardware
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-kernel mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden