* Matt Wimer (mattat_private) wrote: > Hi guys, > > The mailing list seems like the wrong place to email but i don't know > what to do about the error i'm geting from the bitkeeper tree: > > matt:/net/home/matt(11)> bk clone bk://lsm.immunix.org:5555 lsm > ERROR-Lock fail: possible permission problem. contact me off list and we'll resolve this, you are not the first to report this issue. it always works for me? > In responce to the "permissive vs. restrictive issue and ..." message > about ptrace, my answer to the problem when i ran into it was to just > overload capablity() and do the perm check there. > > My code is messy for right now and i plan to move my project(kip.sf.net) > over to the LSM as soon as possible: > > static inline int capable(int cap) > { > /* Don't allow ptrace of special apps. */ > if (current->cap_special && CAP_SYS_PTRACE == cap && !cyl_cap_stdvune()) > return 0; > > if (CAP_SYS_MODULE == cap && !cyl_cap_stdvune()) > return 0; > > if (CAP_SYS_BOOT == cap && !cyl_cap_stdvune()) > return 0; > > if (CAP_SYS_RAWIO == cap && !cyl_cap_stdvune()) > return 0; > ... > } capable() is currently a wrapper around a lsm hook (it calls security_ops->capable() and returns the results). this way the module can do it's own test like you have shown. it's not clear how we will handle capable() as we move forward, but the ideas you present are useful. do you maintain the capable check? or did you just eliminate it altogether? (the second is essentially the way it works now, it's just done in the module). in general i wouldn't want to add a large if statement like this as static inline code when capable() is called on the order of 600 times in the kernel (think code bloat). -chris _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Tue Jun 05 2001 - 17:36:29 PDT