Andrew Morgan wrote:
> Crispin Cowan wrote:
> > > Is there anyone on the list from the Extended Attributes and ACL project?
> > We would like there to be :-) My chat over the weekend about extended attributes
> > pertains directly to projects like ACL. However, my design philosophy here is to *not*
> > include something unless someone with a module and serious intent to use the LSM steps
> > forward and says "I need <foo hook>" and presents a solid case for why it can't be done
> > with the existing hooks.
>
> Note, capabilities (as defined by the POSIX.1e document) require
> some method of storing capabilities in association with files. The
> patches that I've written, as part of the linux-privs project, make use
> of these same Extended Attributes.
>
> When you say you are committed to supporting POSIX.1e capabilities, are
> you saying you are committed to supporting the capability functionality that the kernel
> currently supports, or "the POSIX.1e" capabilities?

I meant the stuff currently supported by the kernel, not the full POSIX spec. LSM does not address the limitation that prevents a full POSIX.1e implementation: the provision of metadata storage.

There was an extensive thread here (somewhere :-) about metadata and extended attribute support. My basic proposal is that LSM should not provide any persistent storage of metadata, but should allow the modules to get at the metadata storage of their choice. There are (now, thanks Aleph) three known storage repositories for persistent metadata:

* put it in a conf file: used by SubDomain and LIDS, among others
* extended attributes in the file system: required by full POSIX.1e capabilities, but not supported by common Linux file systems, and thus Linux capabilities are not fully POSIX.1e compliant
* Aleph's network repository method

LSM should not actually provide any of these methods. We just need to make sure we stay out of their way.

Crispin
--
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc. http://wirex.com
Security Hardened Linux Distribution: http://immunix.org

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module
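An added example, not from this thread or from any of the projects named in it, showing what the "extended attributes in the file system" option for file capabilities looks like once a kernel supports it: a decoder for the blob stored in the security.capability xattr. The layout (little-endian magic_etc word followed by {permitted, inheritable} pairs, revision 2) is assumed from the kernel's VFS_CAP_REVISION_2 format, and the input blob is constructed inline rather than read from a real file.

```c
#include <stdint.h>
#include <stdio.h>
#include <stddef.h>

#define VFS_CAP_REVISION_MASK   0xFF000000U
#define VFS_CAP_REVISION_2      0x02000000U   /* 64-bit capability sets */
#define VFS_CAP_FLAGS_EFFECTIVE 0x000001U     /* "effective" bit lives in magic_etc */
#define VFS_CAP_U32_2           2             /* two 32-bit words per set */

struct file_caps {
    uint64_t permitted;
    uint64_t inheritable;
    int effective;
};

static uint32_t le32(const unsigned char *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Decode a security.capability value. Returns 0 on success, -1 if the blob is
 * not a well-formed revision-2 record (wrong size or revision); a revision-3
 * record (with a root user id appended) is deliberately rejected here. */
int decode_vfs_cap(const unsigned char *buf, size_t len, struct file_caps *out) {
    if (len != 4 + 8 * VFS_CAP_U32_2) return -1;
    uint32_t magic = le32(buf);
    if ((magic & VFS_CAP_REVISION_MASK) != VFS_CAP_REVISION_2) return -1;
    out->effective = (magic & VFS_CAP_FLAGS_EFFECTIVE) != 0;
    out->permitted = 0;
    out->inheritable = 0;
    for (int i = 0; i < VFS_CAP_U32_2; i++) {
        out->permitted   |= (uint64_t)le32(buf + 4 + 8 * i)     << (32 * i);
        out->inheritable |= (uint64_t)le32(buf + 4 + 8 * i + 4) << (32 * i);
    }
    return 0;
}

/* Constructed sample blob: revision 2, effective bit set,
 * permitted = bit 13 (CAP_NET_RAW) in the low word, inheritable empty. */
static const unsigned char sample_cap_xattr[20] = {
    0x01, 0x00, 0x00, 0x02,   /* magic_etc = 0x02000001 */
    0x00, 0x20, 0x00, 0x00,   /* permitted[0]   = 1 << 13 */
    0x00, 0x00, 0x00, 0x00,   /* inheritable[0] = 0 */
    0x00, 0x00, 0x00, 0x00,   /* permitted[1]   = 0 */
    0x00, 0x00, 0x00, 0x00,   /* inheritable[1] = 0 */
};

int main(void) {
    struct file_caps c;
    if (decode_vfs_cap(sample_cap_xattr, sizeof sample_cap_xattr, &c) == 0)
        printf("permitted=%#llx inheritable=%#llx effective=%d\n",
               (unsigned long long)c.permitted, (unsigned long long)c.inheritable, c.effective);
    return 0;
}
```

On a live system the same bytes come from getxattr(path, "security.capability", ...), which is the check a defender runs to audit which binaries carry file capabilities.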
This archive was generated by hypermail 2b30 : Mon Apr 16 2001 - 15:19:02 PDT