LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for December 4, 2008

KSM runs into patent trouble

Tux3: the other next-generation filesystem

LWN.net Weekly Edition for November 27, 2008

LWN.net Weekly Edition for November 20, 2008

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

Dazuko is a kludge

Dazuko is a kludge

Posted Oct 23, 2006 18:21 UTC (Mon) by bluefoxicy (subscriber, #25366)
Parent article: Critical Linux security API is still a kludge (Inquirer)

Dazuko is nice but it's honestly a kludge. The new FUSE API will include a "Filter" file system which allows the FUSE module to read underneath itself-- and see what it's mounted over. Using this functionality, file-level access control can be implemented exactly as with Dazuko; but so much more, like compression and encryption and new APIs, can also be placed by skilled programmers.

Because FUSE acts just like kernel code, blocking until it does its work, you can modify or block access to files. You can tell the calling process the file is owned by another user, or just isn't allowed to be opened for no real reason at all besides that you say so. Once filtering is added, the entire functionality of Dazuko will fall right under the FUSE API.

http://article.gmane.org/gmane.comp.file-systems.fuse.dev...

(Log in to post comments)

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds