|
|
|
|
|
|
by LinuxFreedom
3341 days ago
|
|
|
Looks very interesting! Would you like to add LDAP support, maybe in a modularized way to store rules "somewhere" and provide a mechanism for mandatory application of these rules on clients ("enforce rules from trusted storage x")? Others could build GUIs around the storage (LDAP, SQLite, whatever) and we could share rules via a website. That would be a great help for many users! Thanks! |
|
|
My thinking is to make it so that you just have a "dumb" daemon which has the concept of a process requesting the ability to connect to an IP/unix socket and sends requests over gRPC to clients that make access decisions. So there's no long-term storage of rules in the daemon (except possibly in some edge cases).
In any case I'm still writing a PoC so it's a bit early for features like that.