Google Summer of Code idea
--00151758a60269cc4b0482ef88c9
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: quoted-printable
Hello, DragonFly BSD team!
My name is Dmitry Stephantsov, I'm from Tomsk State University from Russia.
I'm first year graduate student. I've recently become aware of Summer of
Code and started looking for interesting projects. As undergraduate student
I've been involved in our local operating system development project which
evolved into the development of special programming language and the
environment to run programs in it. So, I think OS projects are interesting!
My department is Information Security and Cryptography (which is the part o=
f
the Faculty of Applied Mathematics and Cybernetics) and security related
stuff are my primary area of interest.
I've looked on the page:
http://www.dragonflybsd.org/docs/developer/gsoc2010/ and found some
interesting ideas, but I have my own. Since this E-mail address (
kernel@crater.dragonflybsd.org) mentioned on the page frequently, I've
decided to send the letter to it.
*First idea =97 kauth under DragonFly BSD.*
My idea is to implement kauth subsystem for DragonFly BSD. Kauth (
http://developer.apple.com/mac/library/technotes/tn2005/tn2127.html) is
flexible system of hooks in kernel space that calls function defined in
special kernel modules in a chain like. Hooks are implemented for most
security-related actions. Modules that use hooks could implement e.g. acces=
s
control policy or some sort of anti-virus scanner.
NetBSD team have implemented kauth for their OS. They moved traditional UNI=
X
discretionary access control to one of kauth modules and there are
researches toward something like jails of FreeBSD implemented on kauth (
2008.asiabsdcon.org/papers/P3A-paper.pdf).
I think there are benefit from kauth under DragonFly BSD. Some AppArmor- or
SELinux- like mandatory access control could be implemented as a module.
*Second idea =97 transparent encryption.*
I haven't figured out if DragonFly got one but there will be profit from
system like dm-crypt on Linux.
*Third idea =97 shadow passwords enhancements.*
This one is to worm up, I think. I've read on the buglist that DragonFly
still uses md5 as primary hashing method for passwords (message dated
20.02.2010 22:54, "MD5 password hash" thread). That's pretty weak method fo=
r
now considering rainbow tables cracking method. I could implement hashing
with sha256 or sha512 functions.
*Fourth idea =97 make something on the list.*
"Implement i386 32-bit ABI for x86_64 64-bit kernel" idea seems interesting
(lots of low-level stuff).
Few days before I've installed DragonFly BSD on VmWare and have played with
it for some time. I've found that cool feature called vkernel =97 the abili=
ty
to debug the kernel is nice. I've also loaded source codes with git and
studied it for a little ;)
Here is the summary of my words:
*My name and background.* Dmitry Stephantsov, from Tomsk State University,
Faculty of Applied Mathematics and Cybernetics, Information Security and
Cryptography department.
- As undergraduate on 3rd year I've been working on OS-related project a=
s
my course work. The project was about cryptographically enhancing the Mi=
nix
2 operating system (which was available for me at that time, since I've
bought the book :)). I've implemented transparent disk encryption layer
between file system and disk driver. My mate implemented special bootloa=
der
for kernel decryption. Another my mate have implemented special access
control mechanism.
- As undergraduate on 4th year I've been working for the environment for
special aspect-oriented programming language. The idea was to run the
interpreter on bare hardware (as Smalltalk system was run once). My part=
of
job was dealing with processes and multitasking. Later I've switched for
language development.
- My current researches are related to aspect-oriented technologies for
programming. In particular, I want to find the unified way for implement=
ing
security policies in arbitrary information systems.
- As undergraduate student then and as graduate student now I take part
in Capture the Flag hacking competitions. My team is named SiBears (
http://sibears.ru) and I'm team leader and the coach. We've won Russian
CTF competitions (RuCTF) last year (
http://translate.google.ru/translate?hl=3Dru&sl=3Dru&tl=3Den&u=3Dhttp%3A=
%2F%2Fructf.org%2F2009%2Ffinal_results.html)
and took 2nd place on international CTF (iCTF) on December of 2008 (
http://ictf.cs.ucsb.edu/archive/iCTF_2008/index.html) =97 the page is
missing final standings now for some reason.
*My skills.*
- Strong knowledge/experience in both C and C++ and programming.
Primarily for GNU/Linux.
- Strong knowledge of x86 machine architecture, assembly language, binar=
y
file formats. Disassembly and debugging skills (thanks to CTF :)).
- Strong knowledge of cryptography. That's what I was taught for about 5
years :)
- Script programming language skills: perl, python, ruby etc.
- Programming language development tools skills: flex, bison, python ply=
,
Spirit (from C++ Boost) etc.
- Experience with both software construction tools (make, scons etc) and
source code management systems (svn, git etc).
*Why I'm interested in DragonFly BSD?* There are few points on why I am
interested.
- As I was said, operating systems and programming languages design and
development are my favorite areas of computer science. I believe that
reflexive part of any kind of activity is the crucial part for understan=
ding
the whole. And OSs and PLs are the reflexive part of computations.
- From the Net I've learned that DragonFly BSD team is open minded =97 i=
t
is great to work on something you like with peoples who like this stuff =
too
:)
- DragonFly BSD is not widely developed and there is the chance to take
part in serious development.
*My free time on summer.* As graduate student I've got some duties at the
university. On April I'm going to two CTF competitions (one on 2-4 of April
in Moscow and one on 23-26 of April in Ekaterinburg). On may there will be
some teaching activities (exams for the undergraduates) but they shouldn't
take much time. On this summer I've got almost free of duties may, june and
august. On july I'll be spending a weak for summer school where I'll be
teaching students some basic hacking techniques. Also I'll go to my parents
for a weak or a weak and a half. The rest of my time I can spend for the
project.
Wheew... Thanks for reading that far! I hope, its not too late for me to
write this letter :)
--=20
Best regards, Dmitry A. Stephantsov
--00151758a60269cc4b0482ef88c9
Content-Type: text/html; charset=windows-1252
Content-Transfer-Encoding: quoted-printable
Hello, DragonFly BSD team!<br><br>My name is Dmitry Stephantsov, I'm fr=
om Tomsk State University from Russia. I'm first year graduate student.=
I've recently become aware of Summer of Code and started looking for i=
nteresting projects. As undergraduate student I've been involved in our=
local operating system development project which evolved into the developm=
ent of special programming language and the environment to run programs in =
it. So, I think OS projects are interesting!<br>
<br>My department is Information Security and Cryptography (which is the pa=
rt of the Faculty of Applied Mathematics and Cybernetics) and security rela=
ted stuff are my primary area of interest.<br><br>I've looked on the pa=
ge: <a href=3D"http:/=" rel="nofollow">http://www.dragonflybsd.org/docs/developer/gsoc2010/">http:/=
/www.dragonflybsd.org/docs/developer/gsoc2010/</a> and found some interesti=
ng ideas, but I have my own. Since this E-mail address (<a href=3D"mailto:k=
ernel@crater.dragonflybsd.org">kernel@crater.dragonflybsd.org</a>) mentione=
d on the page frequently, I've decided to send the letter to it.<br>
<br><b>First idea =97 kauth under DragonFly BSD.</b><br><br>My idea is to i=
mplement kauth subsystem for DragonFly BSD. Kauth (<a href=3D"http://develo=
per.apple.com/mac/library/technotes/tn2005/tn2127.html">http://developer.ap=
ple.com/mac/library/technotes/tn2005/tn2127.html</a>) is flexible system of=
hooks in kernel space that calls function defined in special kernel module=
s in a chain like. Hooks are implemented for most security-related actions.=
Modules that use hooks could implement e.g. access control policy or some =
sort of anti-virus scanner.<br>
<br>NetBSD team have implemented kauth for their OS. They moved traditional=
UNIX discretionary access control to one of kauth modules and there are re=
searches toward something like jails of FreeBSD implemented on kauth (<a hr=
ef=3D"2008.asiabsdcon.org/=" rel="nofollow">http://2008.asiabsdcon.org/papers/P3A-paper.pdf">2008.asiabsdcon.org/=
papers/P3A-paper.pdf</a>).<br>
<br>I think there are benefit from kauth under DragonFly BSD. Some AppArmor=
- or SELinux- like mandatory access control could be implemented as a modul=
e.<br><br><b>Second idea =97 transparent encryption.</b><br>
<br>
I haven't figured out if DragonFly got one but there will be profit fro=
m system like dm-crypt on Linux.<br><br><b>Third idea =97 shadow passwords =
enhancements.</b><br><br>This one is to worm up, I think. I've read on =
the buglist that DragonFly still uses md5 as primary hashing method for pas=
swords (message dated 20.02.2010 22:54, "MD5 password hash" threa=
d). That's pretty weak method for now considering rainbow tables cracki=
ng method. I could implement hashing with sha256 or sha512 functions.<br>
<br><b>Fourth idea =97 make something on the list.</b><br><br>"Impleme=
nt i386 32-bit ABI for x86_64 64-bit kernel" idea seems interesting (l=
ots of low-level stuff).<br><br>Few days before I've installed DragonFl=
y BSD on VmWare and have played with it for some time. I've found that =
cool feature called vkernel =97 the ability to debug the kernel is nice. I&=
#39;ve also loaded source codes with git and studied it for a little ;)<br>
<br>Here is the summary of my words:<br><br><b>My name and background.</b> =
Dmitry Stephantsov, from Tomsk State University, Faculty of Applied Mathema=
tics and Cybernetics, Information Security and Cryptography department.<br>
<ul><li>As undergraduate on 3rd year I've been working on OS-related pr=
oject as my course work. The project was about cryptographically enhancing =
the Minix 2 operating system (which was available for me at that time, sinc=
e I've bought the book :)). I've implemented transparent disk encry=
ption layer between file system and disk driver. My mate implemented specia=
l bootloader for kernel decryption. Another my mate have implemented specia=
l access control mechanism.</li>
<li>As undergraduate on 4th year I've been working for the environment =
for special aspect-oriented programming language. The idea was to run the i=
nterpreter on bare hardware (as Smalltalk system was run once). My part of =
job was dealing with processes and multitasking. Later I've switched fo=
r language development.</li>
<li>My current researches are related to aspect-oriented technologies for p=
rogramming. In particular, I want to find the unified way for implementing =
security policies in arbitrary information systems.</li><li>As undergraduat=
e student then and as graduate student now I take part in Capture the Flag =
hacking competitions. My team is named SiBears (<a href=3D"http://sibears.r=
u">http://sibears.ru</a>) and I'm team leader and the coach. We've =
won Russian CTF competitions (RuCTF) last year (<a href=3D"http://translate=
..google.ru/translate?hl=3Dru&sl=3Dru&tl=3Den&u=3Dhttp%3A%2F%2Fr=
uctf.org%2F2009%2Ffinal_results.html">http://translate.google.ru/translate?=
hl=3Dru&sl=3Dru&tl=3Den&u=3Dhttp%3A%2F%2Fructf.org%2F2009%2Ffin=
al_results.html</a>) and took 2nd place on international CTF (iCTF) on Dece=
mber of 2008 (<a href=3D"http://ictf.cs.ucsb.edu/archive/iCTF_2008/index.ht=
ml">http://ictf.cs.ucsb.edu/archive/iCTF_2008/index.html</a>) =97 the page =
is missing final standings now for some reason.</li>
</ul><b>My skills.</b><br><ul><li>Strong knowledge/experience in both C and=
C++ and programming. Primarily for GNU/Linux.</li><li>Strong knowledge of =
x86 machine architecture, assembly language, binary file formats. Disassemb=
ly and debugging skills (thanks to CTF :)).</li>
<li>Strong knowledge of cryptography. That's what I was taught for abou=
t 5 years :)</li><li>Script programming language skills: perl, python, ruby=
etc.</li><li>Programming language development tools skills: flex, bison, p=
ython ply, Spirit (from C++ Boost) etc.</li>
<li>Experience with both software construction tools (make, scons etc) and =
source code management systems (svn, git etc).<br></li></ul><br><b>Why I=
9;m interested in DragonFly BSD?</b> There are few points on why I am inter=
ested.<br>
<ul><li>As I was said, operating systems and programming languages design a=
nd development are my favorite areas of computer science. I believe that re=
flexive part of any kind of activity is the crucial part for understanding =
the whole. And OSs and PLs are the reflexive part of computations.</li>
<li>From the Net I've learned that DragonFly BSD team is open minded =
=97 it is great to work on something you like with peoples who like this st=
uff too :)</li><li>DragonFly BSD is not widely developed and there is the c=
hance to take part in serious development.</li>
</ul><b>My free time on summer.</b> As graduate student I've got some d=
uties at the university. On April I'm going to two CTF competitions (on=
e on 2-4 of April in Moscow and one on 23-26 of April in Ekaterinburg). On =
may there will be some teaching activities (exams for the undergraduates) b=
ut they shouldn't take much time. On this summer I've got almost fr=
ee of duties may, june and august. On july I'll be spending a weak for =
summer school where I'll be teaching students some basic hacking techni=
ques. Also I'll go to my parents for a weak or a weak and a half. The r=
est of my time I can spend for the project.<br>
<br>Wheew... Thanks for reading that far! I hope, its not too late for me t=
o write this letter :)<br><br>
-- <br><br>Best regards, Dmitry A. Stephantsov<br>
--00151758a60269cc4b0482ef88c9--
討論串 (同標題文章)
完整討論串 (本文為第 1 之 11 篇):