Skip to content
/ signacfs Public

signature & access control based overlay filesystem (supports for fuse, docker & hopefully kubernetes using CSI)

License

MIT license
2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

zerosign/signacfs

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
core
core
 
 
fuse
fuse
 
 
src
src
 
 
.gitignore
.gitignore
 
 
.pre-commit-config.yaml
.pre-commit-config.yaml
 
 
Cargo.toml
Cargo.toml
 
 
LICENSE
LICENSE
 
 
README.adoc
README.adoc
 
 

Repository files navigation

signacfs

Signature access control based overlay filesystem (supports for fuse, docker hopefully kubernetes using CRI) This fuse filesystem being implemented since LSM like SELinux still aren’t being supported in namespace based system (container based).

This filesystem use access control + signature based to check whether incoming request from process (gid, uid, pid) are allowed to a request to filesystem. This enable us to do a fine grain based access to the filesystem so that we could potentially secure an access to specific files by specifying certain policies to access control. At first it will check whether application signature (*.crt, *.ca.crt) are valid or not then check the checksum of the signature valid or not.

TODO: This crate hopefully will support either PKI Based Signature or GPG Based Signature

About

signature & access control based overlay filesystem (supports for fuse, docker & hopefully kubernetes using CSI)

Topics

rust fuse pki access-control overlayfs wip-do-not-use

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

4 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages