[ros-dev] 'Security Controls' GSoC Idea
gedmurphy at gmail.com
Mon Mar 21 10:10:58 UTC 2011
I gathered from your overview that you're interested in working exclusively
on the executive component in the kernel, otherwise known as the Security
Reference Monitor (SRM). Is that correct or do you also want to work on user
Assuming so, do you plan on working on a specific area within this or
working on the component as a whole?
As you've probably seen, it has basic functionality, but some areas are
either incomplete or missing entirely.
A good example of this is the LSA stuff, I think Eric is working on this
area, but he seems to be concentrating on the usermode side of things so
maybe this would work out well.
Regarding your questions:
- to propose your project you should fill out an application form which is
available via the GSoC website under our organization link. We can help you
with filing this out if required.
- It's not an obligation to provide patches when applying for a student
position, although it would very much go in your favour if you did as it
would allow us to confirm the skills you suggest.
- You can use this mailing list to speak about technical details, you have
the best coverage here. Alternatively if you wanted a more private
discussion, you could email myself or Aleksey Bragin
You can find more information here :
From: ros-dev-bounces at reactos.org [mailto:ros-dev-bounces at reactos.org] On
Behalf Of Guillaume Touron
Sent: 20 March 2011 22:18
To: ros-dev at reactos.org
Subject: [ros-dev] 'Security Controls' GSoC Idea
Hello RoS developers,
I introduce myself. I'm Guillaume Touron, I'm a French engineering student
at National School of Computer Science and Applied Mathematics with
specialization in information systems and security. Apart from my studies I
am interested in OS development, Windows internals and application security
(vulnerabilities, reverse engineering, rootkits...). I read a lot about how
Windows internals work (kernel data structures...) and Windows security. I
have also some experience in NT driver development and kernel debugger
For many months now, I study RoS source code, and especially ntoskrnl
source. This includes object manager, i/o manager, security layer,
traps/exceptions management... I checkouted source code and installed RoS
build environment and I'm ready to begin development. I also took a look at
Se* kernel exported APIs, and tried to understand how security checks were
performed. That's why I'm interested in RoS GSoC Idea 'Security Controls'.
Indeed, implementing this feature would be a good start to add multiuser
experience in RoS which is currently missing, and to manage efficiently
users and groups. I think I know what is needed to complete this project
successfully and I'm ready to write a detailed presentation/proposal to
explain what I understand and what would be my goals. I also did GSoC 2010
last year for Honeynet Project on network security area, but I'm more
interested in kernel development.
Finally, few questions : What should I do to propose in a formal way my
proposal to RoS community ? Is it an obligation to have already send some
patches or can we begin development as a new contributor ? Who can I
contact to speak about technical details ?
Thank you very much.
Ros-dev mailing list
Ros-dev at reactos.org
More information about the Ros-dev