An userspace (fuse) filesystem that implements private storage for pseudo persistent processes.
Version: 0.3.5MinorFs is a userspace (fuse) filesystem that implements private storage for pseudo persistent processes.
Operating System: Linux
MinorFs implements a simple view based file system. The files ystem provided by MinorFs allows processes to become pseudo persistent processes, by giving these processes n-th claim persistent storage. By doing this, a program running under a user id can effectively protect its data for that user from malware that could be running under the same user id.
MinorViewFs creates a private directory for processes. Given that processes and their base identification (pids) are non persistent, and storage is persistent, the MinorViewFs filesystem allows processes the possibility to 'claim' an unused slot that was previously used by a process that was an instance of the same executable running under the same user id as the current process.
This claiming of a slot turns the process into an incarnation of some
'persistent' process, allowing it to make use of the 'private' directory
to store its state.
MinorFs allows most operations that a normal filesystem allows, but there are some differences. Links and symlinks are not supported, and chmod operations don't have any effect given that they are useless with respect to the security model that minorviewfs provides.
Please note that minorviewfs does not work well together with scripts, as the data will become private to the interpreter rather than to the script. Further note that currently persistent storage is limited to 32 concurent versions of the same program running with the same uid.
An important operation that MinorViewfs provides that makes it work together well with MinorCapFs is the use of a special extended attribute.
The extended attribute 'delegatable' that is made available for each file and directory, returns a path to the same underlaying directory but than through MinorCapFs. In contrast to the MinorViewFs paths, the paths into MinorCapFs can be delegated to other processes, even to other users.
The MinorCapFs paths contain a token that is in fact a very basic implementation of a so called 'password capability'.
Attenuation and revocations are not yet addressed in this version
of minorfs. The upcomming version of minorfs will aim to also provide additional minor filesystems for these purposes.