Re: Using KAuth for Monitoring File Operations
Re: Using KAuth for Monitoring File Operations
- Subject: Re: Using KAuth for Monitoring File Operations
- From: Michael Smith <email@hidden>
- Date: Fri, 15 Jun 2007 03:03:59 -0700
On Jun 15, 2007, at 2:59 AM, Yogesh Kulkarni wrote:
I am writing a kext module which monitors file system activities
and generates events, by taking help of 'Sample Code Project
KauthOrRama' in Technical Note 2127 for Kernel Authorization.
But KAuth is generating event after the action (e.g. READ / WRITE)
takes place on the file.
This is the behaviour as defined for the KAUTH_FILEOP scope.
In our Application, we require that event should be generated
before the actual action on the file is performed.
Your KAUTH plugin can elect to participate in the authorisation phase
by registering in the KAUTH_VNODE scope, however it is important to
note that you may see operations that are not performed (due to
another participant refusing the operation).
There are also operations which are not authorised, in which case you
won't see them at all.
Is it possible with Kauth ? If not, what are the other ways of
doing the same ?
The fact that you care about being notified before the operation
suggests that you have some desire to refuse, modify or defer some
operations. Is this the case?
If you can explain some more about your Application, we may be able
to help you further.
= Mike
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-kernel mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden