Unioning File Systems for Fun and Profit (Mostly fun...)
Posted in Young Coders.
One of the specs for the laptop that's mentioned in BitFrost is that we're planning on using a unioned, Copy-on-Write (COW) file system (likely AUFS) to produce a number of security effects. For example, the core system software sits on a read-only (r/o) plane, with any changes happening only in a read-write (r/w) plane above that software, and only by software that has explicitly been granted the right to write onto the system-area planes.
Anyway, I wrote up some thoughts on how to use AUFS across the project this morning and posted them to the security list. It's just a straw man to hopefully get discussion going.
I would like a system similar to the one I described (modulo that I don't actually like the idea of having to explicitly grant access to individual files (I'd prefer to be able to grant access at the directory/project level), but that's something required by BitFrost).
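The r/o and r/w plane behaviour described above, modelled as a toy in-memory union file system (an added example, not OLPC, BitFrost or AUFS code). The `SYSTEM_AREA` roots, the program names and the grant table are assumptions; a grant may name a single file or a directory, so both granularities discussed in the post can be compared.

```python
# Added illustration: two-plane union (COW) file system with explicit write grants.
# Plane contents, SYSTEM_AREA and the grant model are assumptions, not project code.
import posixpath

SYSTEM_AREA = ("/usr", "/etc")  # assumed system-area roots (not from the post)

def norm(path):
    # Canonical absolute path: collapses "..", "." and repeated slashes.
    return posixpath.normpath("/" + path.lstrip("/"))

def under(path, root):
    return path == root or path.startswith(root.rstrip("/") + "/")

class UnionFS:
    def __init__(self, ro_plane):
        self.ro = dict(ro_plane)  # lower plane: core system image, never modified
        self.rw = {}              # upper plane: receives every change
        self.grants = {}          # program -> paths it was explicitly granted

    def grant(self, program, path):
        self.grants.setdefault(program, set()).add(norm(path))

    def may_write(self, program, path):
        path = norm(path)         # normalise before any prefix comparison
        if not any(under(path, r) for r in SYSTEM_AREA):
            return True           # outside the system area
        return any(under(path, g) for g in self.grants.get(program, ()))

    def _checked(self, program, path):
        if not self.may_write(program, path):
            raise PermissionError(f"{program}: no grant for {path}")
        return norm(path)

    def read(self, path):
        path = norm(path)
        for plane in (self.rw, self.ro):  # upper plane shadows lower
            if path in plane:
                return plane[path]
        raise FileNotFoundError(path)

    def write(self, program, path, data):
        path = self._checked(program, path)
        self.rw[path] = data      # copy-on-write: lower plane untouched

    def reset(self):              # discard the r/w plane; pristine image returns
        self.rw.clear()
```

Normalising the path before the prefix check is what keeps a request such as `/home/olpc/../../usr/bin/python` from being treated as a write outside the system area.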
Comments
jesse on 05/23/2007 4 p.m.
Is it possible to see/post that proposal (or is it in the olpc wiki)? I don't see the emails in the archives.