Re: Assurance, permissiveness, and restriction

From: Casey Schaufler (caseyat_private)
Date: Mon Jun 04 2001 - 12:04:17 PDT

  • Next message: Stephen Smalley: "Re: Assurance, permissiveness, and restriction"

    Stephen Smalley wrote:
    > 
    > On Mon, 4 Jun 2001, Casey Schaufler wrote:
    > 
    > > Err, it was on the selinux list. Someone wants a policy
    > > which modifies the DAC policy under certain MAC conditions.
    > > It was something on the order of "users cleared for TS
    > > can read UNCLASS data regardless of the file permissions."
    > > You can't do that if the traditional DAC checks are done
    > > outside the policy module.
    > 
    > I've previously suggested (both on this list and on the
    > selinux list) that it would be nice to be able to provide
    > this kind of functionality (...).  By
    > replacing the guts of capable() with a call to the LSM
    > hook, I get halfway there - I can allow a process in the
    > FOO domain to override discretionary read restrictions
    > on all files.
    
    I guess that's my point. Sure, you can kludge it up
    so that it sorta works the way you'd like in this case,
    but it sure ain't generally useful.
    
    -- 
    
    Casey Schaufler				Manager, Trust Technology, SGI
    caseyat_private				voice: 650.933.1634
    casey_pat_private			Pager: 888.220.0607
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    



    This archive was generated by hypermail 2b30 : Mon Jun 04 2001 - 12:07:32 PDT