Re: sys_setpriority error

From: David Wagner (dawat_private)
Date: Wed May 30 2001 - 23:06:12 PDT

  • Next message: Chris Wright: "Re: sys_setpriority error"

    Chris Wright  wrote:
    >The current implementation allows the module to override other factors in
    >giving you permission.  It does _not_ allow the module to override other
    >factors in denying permission.
    That's backwards from what we need for security!
    The kernel is permissive enough already.  What we most desperately
    need is to make it more strict.
    This seems really fundamental.  Am I missing something?
    P.S. I'm surprised that you call the current approach conservative.
    It seems the most conservative approach is to say "A LSM is only
    allowed to further restrict what an application can do"; this is
    conservative because it means that if an attack is allowed with the
    LSM, then it would have been allowed without the LSM, too.  In other
    words, my suggested approach is fail-safe, whereas the current approach
    is fail-open.
    linux-security-module mailing list

    This archive was generated by hypermail 2b30 : Wed May 30 2001 - 23:08:28 PDT