On Tue, Jun 12, 2001 at 01:13:32PM -0400, Stephen Smalley wrote: > > I'm not adverse to moving the capabilities logic into a module, > although I'm not convinced that it is a hard requirement - the > NSA folks have a different recollection of what was said at > the Linux Kernel Summit, and Linus' email doesn't seem to impose > it as a hard requirement. But I would like to see the migration > of the capabilities logic done in a more minimal and cleaner > way than the current LSM patch, as I've previously proposed > (e.g. leave existing capable and compute_creds calls untouched, > separate the capability-specific logic out of ptrace, compute_creds, > and set*id, leaving the base logic in place). I particularly want > to ensure that the base LSM kernel provides reasonable Unix DAC + > superuser security behavior without any security modules, which isn't the > case with the current LSM patch. It also isn't clear as to whether we > need to move the capability bits from the task_struct and the linux_binprm > into the security blobs - Linus' email also seems to leave that door open > to permit easy composition of other modules with capabilities. Heh, two different people, two different interpretations of what was said :) Anyone want to listen to the audio of the presentation and see if they can come up with what was really said? I think there's no problem with a kernel with no DAC and superuser security behavior present, if there is no security module present. The embedded people want this, it makes the kernel smaller, and possibly a tiny bit faster. But I'm not going to argue this any more, I agree that the current capabilities specific logic is messy, but hey, it's messy logic to start with, and something has to be done :) > > What other changes (besides the elf header change) did you see that was > > left over from Immunix changes, or were irrelevant? I thought I got all > > of those out :) > > There is also a sysctl_codomain declaration in include/linux/sysctl.h. Thanks, now removed. greg k-h _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Thu Jun 14 2001 - 10:04:30 PDT