dynsec stands for Dynamic Security. The project is an external Linux kernel module geared towards giving userspace more granular access controls over file operations, controls that do not exist in the Linux kernel versions the AppControl CarbonBlack product currently supports. It is meant to replace the existing CarbonBlack AppControl kernel module.

This kernel module was written in a much more generic manner to fulfill AppControl's file protection and access control oriented features, which are critical to its exception-list approach to access controls. However, the kernel module could be used for different access control techniques; it is really up to the userspace implementation.

The kernel module may be useful for other products that have a strong business need, and they would likely use a subset of its features to provide access controls. Example subset usage may be geared towards protecting specific files and processes owned by the product using the module (anti-tampering), or protecting some other subset of files and processes not owned by the product.

The main business reason for AppControl to use this kernel module is to logically separate business logic from the kernel landscape while protecting proprietary work. Additionally, this kernel module provides more accurate data, performance optimizations and more options to improve the overall security efficacy of the AppControl product.

The longer-term goal, which is not part of this project, is to eventually use BPF (extended Berkeley Packet Filter) to provide access controls once it becomes more widely available on targeted distros. This kernel module helps bridge the gap as far as security features go in the meantime, while fulfilling CarbonBlack AppControl's current needs.