Re: GACI item list - to give some items for discussion

From: Neil Bortnak (neilat_private)
Date: Mon Apr 16 2001 - 22:02:34 PDT


    Crispin Cowan wrote:
    > 
    > Casey Schaufler wrote:
    > > A useful function, first proposed in literature by
    > > W. Olin Sibert, would be one which you pass a bunch
    > > of security attributes for the subject and a set for
    > > the object along with a proposed access and you get
    > > back a best guess answer. It could be implemented
    > > strictly in userland for many policies. On the other
    > > hand, I've never seen a reasonable specification
    > > for the call.
    > 
    > I don't see a problem with LSM modules providing new system calls (or ioctls,
    > or sysctls, or whatever) to provide this kind of functionality.  It's yet
    > another module feature, not a feature of LSM per se.
    > 
    
    The access() function provides a uniform way for programmers to find out
    if a *file system* function would work or not. A function would need to
    be implemented as part of the LSM to provide this same feature for other
    kinds of access checks such as "Can I bind to this reserved port".
    Modules would hook this new function leaving the function itself
    security policy agnostic. I would propose re-implementing the access()
    call to be a wrapper for the new function so that module writers only
    need to hook into one place. Not implementing a generic call leaves us
    with a lot of programs that work under one module and not another or
    with a number of #ifdefs.
    
    Neil
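    The design Neil sketches above, as an added illustration in userland C that is not part of this thread or of the LSM code base: one policy-agnostic query function that takes subject attributes, object attributes and a proposed operation, a hook slot that a module fills in, and an access()-style wrapper that is just the file-system special case of the generic call. Everything here (the struct fields, the "secret"/"netd" labels, the default rule) is constructed for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed object kinds and operations; a real interface would carry
 * whatever attributes the modules need. */
enum obj_kind { OBJ_FILE, OBJ_PORT };
enum access_op { ACC_READ = 1, ACC_WRITE = 2, ACC_EXEC = 4, ACC_BIND = 8 };

struct subject { unsigned uid; const char *label; };            /* label: hypothetical module attribute */
struct object  { enum obj_kind kind; const char *path; unsigned port; const char *label; };

/* A module hook answers "would this access be allowed?": 0 = permit, -1 = deny.
 * All policy lives behind this pointer; the generic call itself stays agnostic. */
typedef int (*check_hook)(const struct subject *, const struct object *, unsigned op);
static check_hook installed_hook = NULL;

void install_module(check_hook h) { installed_hook = h; }

/* Generic query, usable for files, ports or anything else the object can describe. */
int can_access(const struct subject *s, const struct object *o, unsigned op) {
    if (installed_hook)
        return installed_hook(s, o, op);
    /* Default rule when no module is loaded: root may do anything;
     * everyone else may not bind a reserved port. */
    if (s->uid == 0) return 0;
    if (o->kind == OBJ_PORT && (op & ACC_BIND) && o->port < 1024) return -1;
    return 0;
}

/* access()-style wrapper: the file-system case expressed through the generic call,
 * so a module hooks one place and both entry points agree. */
int file_access(const struct subject *s, const char *path, unsigned mode) {
    struct object o = { OBJ_FILE, path, 0, NULL };
    return can_access(s, &o, mode);
}

/* A constructed example module: label-based policy that ignores uid entirely. */
int label_policy(const struct subject *s, const struct object *o, unsigned op) {
    (void)op;
    if (o->label && strcmp(o->label, "secret") == 0) {
        if (!s->label || strcmp(s->label, "secret") != 0) return -1;
    }
    if (o->kind == OBJ_PORT && (op & ACC_BIND) && o->port < 1024) {
        if (!s->label || strcmp(s->label, "netd") != 0) return -1;
    }
    return 0;
}

int main(void) {
    struct subject user = { 1000, NULL }, netd = { 1000, "netd" };
    struct object http = { OBJ_PORT, NULL, 80, NULL };

    /* Same program, same question, two modules: no #ifdefs in the caller. */
    printf("no module: user binds :80 -> %d\n", can_access(&user, &http, ACC_BIND));
    install_module(label_policy);
    printf("label module: user binds :80 -> %d, netd binds :80 -> %d\n",
           can_access(&user, &http, ACC_BIND), can_access(&netd, &http, ACC_BIND));
    return 0;
}
```

    The point the wrapper makes is that a program asking "can I bind to this reserved port?" gets the same shape of answer as one asking about a file, and the answer changes with the loaded module rather than with how the program was compiled.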
    
    

    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module



    This archive was generated by hypermail 2b30 : Mon Apr 16 2001 - 21:58:25 PDT