Re: Kernel Security Extensions USENIX BOF Summary

From: Stephen Smalley (sdsat_private)
Date: Mon Jul 02 2001 - 13:34:06 PDT

  • Next message: Serge E. Hallyn: "Re: pathnames"

    On Mon, 2 Jul 2001, Emily Ratliff wrote:
    
    > The BOF started off with Robert Wilson talking about his TrustedBSD
    > project. Amon Ott spoke about RSBAC. Peter Loscocco spoke about SELinux
    
    That's Robert Watson of TrustedBSD.  But he is quite flexible and
    probably wouldn't object to being called Robert Wilson.
    
    > - The question of whether compatibilities should be a module came up but
    > was not really discussed.
    
    That's capabilities, not compatibilities.  
    
    > - Stephen Smalley brought up the issue of duplication of some of the
    > hooks. For instance, some code paths call two separate LSM hooks. One
    > example of this is the hook at attach_pathlabel and at the inode level.
    > Stephen felt that this would be frowned on by the kernel developers.
    
    For example, vfs_mkdir calls the post_mkdir LSM hook for assigning labels
    to newly created directories, and sys_mkdir calls the attach_pathlabel LSM
    hook for the same purpose.  The problem is that the DTE project wants the
    vfsmount, which is only available in the sys_mkdir, in order to
    reconstruct the absolute pathname, whereas we are ok with just
    the dentry/inode and want to ensure that the assignment occurs
    on every directory creation, so we would prefer it to happen in
    vfs_mkdir.  I'm thinking that we can eliminate the attach_pathlabel
    hook calls in these situations, following Doug's suggestion for
    modules that use implicit attribute assignments, and that we
    can even push down some of the other attach_pathlabel hook calls
    to shadow lower-level i_op->lookup calls.  I would like to minimize
    any hook dependencies on vfsmounts.
    
    --
    Stephen D. Smalley, NAI Labs
    ssmalleyat_private
    
    
    
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    



    This archive was generated by hypermail 2b30 : Mon Jul 02 2001 - 13:35:32 PDT