On Fri, 8 Jun 2001, Stephen Smalley wrote:

> > 5) For GODESSES'S SAKE, protect security_ops SOMEHOW, or this API is only
> > e pluribus unum and vulnerable to "total replacement" from ANYWHERE
> > in kernel space. Provide a "non-functional copy", provide a module
> > check for revelation, SOMETHING. The idea of a global export just
> > seems to introduce too many new vulnerabilities.
>
> As others have already said, this doesn't introduce any new
> vulnerabilities.
>

But it DOES simplify the exploitation of a vulnerability. I've already
"signed off" on this, but feel compelled to point out that exposing the
security_ops structure DOES simplify any LKM's task if the code intends to
"short circuit" security, even if only marginally.

> --
> Stephen D. Smalley, NAI Labs
> ssmalleyat_private

J. Melvin Jones

|>------------------------------------------------------
|| J. MELVIN JONES jmjonesat_private
|>------------------------------------------------------
|| Microcomputer Systems Consultant
|| Software Developer
|| Web Site Design, Hosting, and Administration
|| Network and Systems Administration
|>------------------------------------------------------
|| http://www.jmjones.com/
|>------------------------------------------------------

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Fri Jun 08 2001 - 15:33:41 PDT