DragonFly BSD
DragonFly kernel List (threaded) for 2010-03
[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]

Google Summer of Code idea


From: Dmitry Stephantsov <d.a.stephantsov@xxxxxxxxx>
Date: Mon, 29 Mar 2010 19:20:04 +0700

Hello, DragonFly BSD team!

My name is Dmitry Stephantsov, I'm from Tomsk State University from Russia. I'm first year graduate student. I've recently become aware of Summer of Code and started looking for interesting projects. As undergraduate student I've been involved in our local operating system development project which evolved into the development of special programming language and the environment to run programs in it. So, I think OS projects are interesting!

My department is Information Security and Cryptography (which is the part of the Faculty of Applied Mathematics and Cybernetics) and security related stuff are my primary area of interest.

I've looked on the page: http://www.dragonflybsd.org/docs/developer/gsoc2010/ and found some interesting ideas, but I have my own. Since this E-mail address (kernel@crater.dragonflybsd.org) mentioned on the page frequently, I've decided to send the letter to it.

First idea — kauth under DragonFly BSD.

My idea is to implement kauth subsystem for DragonFly BSD. Kauth (http://developer.apple.com/mac/library/technotes/tn2005/tn2127.html) is flexible system of hooks in kernel space that calls function defined in special kernel modules in a chain like. Hooks are implemented for most security-related actions. Modules that use hooks could implement e.g. access control policy or some sort of anti-virus scanner.

NetBSD team have implemented kauth for their OS. They moved traditional UNIX discretionary access control to one of kauth modules and there are researches toward something like jails of FreeBSD implemented on kauth (2008.asiabsdcon.org/papers/P3A-paper.pdf).

I think there are benefit from kauth under DragonFly BSD. Some AppArmor- or SELinux- like mandatory access control could be implemented as a module.

Second idea — transparent encryption.

I haven't figured out if DragonFly got one but there will be profit from system like dm-crypt on Linux.

Third idea — shadow passwords enhancements.

This one is to worm up, I think. I've read on the buglist that DragonFly still uses md5 as primary hashing method for passwords (message dated 20.02.2010 22:54, "MD5 password hash" thread). That's pretty weak method for now considering rainbow tables cracking method. I could implement hashing with sha256 or sha512 functions.

Fourth idea — make something on the list.

"Implement i386 32-bit ABI for x86_64 64-bit kernel" idea seems interesting (lots of low-level stuff).

Few days before I've installed DragonFly BSD on VmWare and have played with it for some time. I've found that cool feature called vkernel — the ability to debug the kernel is nice. I've also loaded source codes with git and studied it for a little ;)

Here is the summary of my words:

My name and background. Dmitry Stephantsov, from Tomsk State University, Faculty of Applied Mathematics and Cybernetics, Information Security and Cryptography department.
My skills.

Why I'm interested in DragonFly BSD? There are few points on why I am interested.
My free time on summer. As graduate student I've got some duties at the university. On April I'm going to two CTF competitions (one on 2-4 of April in Moscow and one on 23-26 of April in Ekaterinburg). On may there will be some teaching activities (exams for the undergraduates) but they shouldn't take much time. On this summer I've got almost free of duties may, june and august. On july I'll be spending a weak for summer school where I'll be teaching students some basic hacking techniques. Also I'll go to my parents for a weak or a weak and a half. The rest of my time I can spend for the project.

Wheew... Thanks for reading that far! I hope, its not too late for me to write this letter :)

--

Best regards, Dmitry A. Stephantsov


[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]