Hello RoS developers,
I introduce myself. I'm Guillaume Touron, I'm a French engineering student
at National School of Computer Science and Applied Mathematics with
specialization in information systems and security. Apart from my studies I
am interested in OS development, Windows internals and application security
(vulnerabilities, reverse engineering, rootkits...). I read a lot about how
Windows internals work (kernel data structures...) and Windows security. I
have also some experience in NT driver development and kernel debugger
(WinDBG).
For many months now, I study RoS source code, and especially ntoskrnl
source. This includes object manager, i/o manager, security layer,
traps/exceptions management... I checkouted source code and installed RoS
build environment and I'm ready to begin development. I also took a look at
Se* kernel exported APIs, and tried to understand how security checks were
performed. That's why I'm interested in RoS GSoC Idea 'Security
Controls'.
Indeed, implementing this feature would be a good start to add multiuser
experience in RoS which is currently missing, and to manage efficiently
users and groups. I think I know what is needed to complete this project
successfully and I'm ready to write a detailed presentation/proposal to
explain what I understand and what would be my goals. I also did GSoC 2010
last year for Honeynet Project on network security area, but I'm more
interested in kernel development.
Finally, few questions : What should I do to propose in a formal way my
proposal to RoS community ? Is it an obligation to have already send some
patches or can we begin development as a new contributor ? Who can I
contact to speak about technical details ?
Thank you very much.