Main Page

From MinorFs Wiki
Jump to: navigation, search


MinorFs is a set of simple cooperating user-space filesystems that provide a way to do (extreme) discretionary access control. The discretionary access control mechanisms provided by MinorFs allow for usage in new system designs that adhere to dynamic POLA. At the core of the discretionary access control in the original MinorFs is the concept of the pseudo-persistent process. here in most access control mechanisms for filesystems the user defines the base level of granularity, MinorFs uses the pseudo-persistent process. This concept is very important and usefull when building high-integrity systems from the ground up but less usefull and somewhat cumbersome for retrofitting to existing applications. For this reason, the upcomming (completely redesigned and rewritten) version of MinorFs, aims to (also) take Least Authority and High Integrity to the realm of non MinorFs aware programs.The new and updated design makes MinorFs2 very suitable to allow legacy programs to protect their 'private' data from malware or buggy software running under the same uid.

Personal tools