--- tpe.txt 2003-06-03 14:05:40.000000000 -0700 +++ tpe_sysfs.txt 2003-06-12 13:50:14.000000000 -0700 @@ -26,28 +26,27 @@ In short, if the path and user are both untrusted, execution will be denied. In order to actually modify the access control list for TPE, the module uses -a pseudo filesystem called tpefs. The tpefs contains two files; trustedlistadd -and trustedlistdel. Performing read and write operations on the aforementioned -files creates a user to system interface that will alter the trusted list. See -"Modifying the Trusted List" below for the methods of altering the list using -these files. +a sysfs subsystem called tpefs. The tpefs contains two files; add and del +Performing read and write operations on the aforementioned files creates a user +to system interface that will alter the trusted list. See "Modifying the +Trusted List" below for the methods of altering the list using these files. Note: The two file approach was utilized rather than a single file in order to keep the code and administration of the module simple for both the kernel and the user. Installation: 1. Recompile the kernel to include LSM and TPE as a module. -2. insmod tpe.ko -3. mount -t tpefs none +2. mount -t sysfs sysfs /sys +3. insmod tpe.o 4. See "Modifying the Trusted List" below for instructions on how to add/delete users to/from the list. Modifying the Trusted List: -Adding a user: echo > trustedlistadd -Deleting a user: echo > trustedlistdel -Show list to userspace: cat trustedlistadd +Adding a user: echo > /sys/add +Deleting a user: echo > /sys/del +Show list to userspace: cat /sys/add Note: The above methods utilizing echo and cat are good examples of how to alter the list. If the user is so interested, they may utilize other methods of read/write on the files in order to perform similar actions on the list. -One example might be doing a "more trustedlistadd" in order to show the list. +One example might be doing a "more add" in order to show the list.