On Sun, 15 Apr 2001, Crispin Cowan wrote:

> Philippe Biondi wrote:
>
> > On Sat, 14 Apr 2001, Crispin Cowan wrote:
> > > "module" is the *most* important word in the list name. There's lots & lots of
> > > generic security discussion forums, and even lots of linux security discussion
> > > forums. I'm trying to chase away all of the discussion about the merits of one
> > > security model over another, and concentrate on the LSM features needed to support
> > > a diverse set of security modules.
> >
> > I agree if module means modular and not LKM.
>
> Yes, it means LKM. We are not talking about turning Linux into a microkernel here,
> just adding sufficient functionality to the LKM interface to enable security LKMs to
> exist (which I've been denoting LSM for "Linux Security Module", hence the list name).
>
> > Wanting to make a modular
> > implementation is important and means that we can get security policies
> > out of the kernel, in LKMs. Wanting to make a LKM is nonsense, IMHO.
>
> I don't really understand what you're saying here. You seem to be contradicting
> yourself, but mostly I'm just confused.

Well, let's stop this unproductive nit-picking. I got your point and can make mine and yours cohabit, as they are close to each other.

> As Greg helpfully reminded me, there are problems asking the kernel to read ASCII from
> user space files:
>
> * kernel blocking on a disk I/O
> * disk read errors
> * parsing errors
> * etc.
>
> So it's best to have a program push the file into the kernel, rather than let the
> kernel read it direct from a file. Then the program can fail gracefully, rather than
> the kernel taking the hit when something goes wrong.

Agreed. It's even done this way for modules.

> > Can these fs work without patching the VFS layer ?
>
> By definition, yes: ext2 supports a form of extended attributes. You access those
> attributes with the chattr and lsattr commands.
> http://www.securityfocus.com/focus/linux/articles/ext2attr.html
>
> However, some other extended attributes projects apparently require patching the VFS
> layer: http://lwn.net/2000/1026/a/extended-attributes.php3
>
> I agree with Greg: we don't want to get into a can of worms in the VFS
> layer. The trick is to figure out how to allow modules to use
> extended attributes without getting entangled.

If they are part of one of the VFS structs, modules could take these fields into account when taking a decision.

-- 
Philippe Biondi
Systems administrator
Webmotion Inc.
http://www.webmotion.com
mailto:philippe.biondiat_private
Fax. (613) 260-9545

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Mon Apr 16 2001 - 07:47:04 PDT