[rsbac] UDF and stacked scanners
Javier Juan Martínez Cabezón
tazok at rsbac.org
Sat Dec 26 15:39:17 CET 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hi folks. after reading a bit UDF source code, is feasible having 2
scanners at the same time?,. Have you tested with this? Are they
stacked? for example marking clamavd as a scanner and set tripwire as
another one. With this approach You could make for example to only
allow access to a file if sha256sum is correct forbiding access if
none (tripwire returns code 8 if I remember correctly so it would be
seen as denied by UDF).
I think there could be multiple scenarios interesting to this
approach, as it could be in NAS scenarios or just as an integrity
"model" as BIBA :P or why not spamasassing ones :)
Maybe UDF could be a user space REG model :)
Have any of you hacked with this?
What do you think?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJWfqaTAAoJEFfmTgt/w77feAEP/0pJQVhuplms+JkWHYRAjMdZ
xMpc5mGdCJ9B6vlDuG/olcNTVADv3g1c5Bh5X5/LtDGU62ZRuQODnMblvaZSLqt8
VzmQlu3kER0pX1j6rlmn2ZkBWxaBKK8pr+jLFXyvYZbPkBAsHcfHdMVFCcJUdEOm
lbIBZCM/fAzELR+Fd7z1tkK57z2GCtHw1EmDWtz9F3qAFNaVwtV8d4jX/dN88Jqj
+wWswgYFTyLs3DL2OilIrtnol/fIYAZ99CNiBnwuSwLoPDuESDUY9VMgVDWDomVD
V5NJU9KcLX6DVqekUVjU4wgZ/USYhXi4nq67PptKykkh29mMY14d48ZC6MaajFUm
A3nSjzxY6udrZi2g6uvUKPIPusXuVtMACMRAA8TkXtJs2Iw4mUadk+AqyBkfyDC4
7pfW3ObJCGTQpPc8mvlK+fJ49pmFFZIIXLCQ8XeRolHPxncqrjlgDbLyg9YnQVCM
poNIXGegsCt9Ho6Yi0nE3u4PsbVGnSP7IQ7IXVQs8n2/wkaPZGoKJLkQlTSFgmNL
usZKmB4+Vp3LQeXAOJv/rye9gsMlItVA2/cgKpQfIxfVf03kIeYQbSyXEEsJwYwP
uIK6eINxk/LgMA+GnmfVPriG/vU4cjdTSxv7PrOkWaK5LW7s6iCrpPGQy0Dpqbhj
0WWIPwBaeMHBltCSC9LE
=92bh
-----END PGP SIGNATURE-----
More information about the rsbac
mailing list