Transparent encryption mechanism

Hello,

I am currently working on a transparent encryption mechanism that I
can use as a Linux kernel module. I will detail below my goal and how
I imagined a solution to meet my needs.

I wanted to contact you today to have your opinion on my solution and
to get some leads to follow on which Linux kernel function to hook.
I am open to any suggestions.

Objective: The transparent encryption mechanism should be able to encrypt
and decrypt a file on the fly based on ACLs that have been defined by
a particular user (not necessarily root). The aim is to dispel the
attack vector by root. The root account is usually intended for
administrators who may not have the credentials to see the contents of
a particular file. To achieve this goal, an authorized user should be
able to see the contents of a file. For unauthorized users, the file
will display the encrypted content.

My proposal: To achieve this, I am thinking of writing a Linux kernel
module that will create a hook on the function call which opens a file (I
do not know the name of this function, maybe vfs_open). The hook will be
implemented with ftrace. My idea is to check ACLs before opening a
file and if there are particular ACLs for that file, I display an
encrypted file or the decrypted content of the file if the user has
rights on that file.

What do you think about this idea? I know there are "Linux agents"
that do this work without being a Linux kernel module but I do not
know how they work because it does not have to be executed in the
userspace for security reasons. I am interested to know if you have
other ideas. Finally, I would like to find a document on the kernel
functions associated with the virtual file system interface because I
do not know the function to hook.

Thanks in advance.
Thibaud.


