Re: Kernel Security Extensions USENIX BOF Summary

From: Timothy Fraser (tfraserat_private)
Date: Fri Jul 06 2001 - 08:51:48 PDT

  • Next message: Serge E. Hallyn: "end of attach_pathlabel (was Re: Kernel Security Extensions USENIX BOF Summary)"

    Hi!
    
    Crispin Cowan:
    > How convinced are other people that this method can be made
    > sufficiently reliable?
    
          I'm convinced enough to go that way myself.  I worked on the
    original DTE prototype, the source of the HADB data structure that
    Doug described.  When I moved on to LOMAC, I had to implement an
    canonical-absolute-path-based scheme because my compatibility goals
    prohibited me from patching HADB-support hooks into the kernel.  I'm
    planning on going with a HADB-like solution for the LSM LOMAC port,
    because (1) I thought that the hooks for the alternate pathname-based
    approach were going away (perhaps I misunderstood at the BOF), and (2)
    that's the way my FreeBSD port is going to operate (via a layered FS) and 
    I figured I'd try to keep all my ports similar.
    
          It's always hard to abandon an already-working solution for a
    supposedly-better one that you've never tried before.  But the VFS
    layer is a well-defined interface.  It shouldn't be any harder to get
    a warm fuzzy about the non-bypassability of hooks placed there than it
    is for any of the kernel's other interfaces.  
    
                              - Tim Fraser, NAI Labs
    
    
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    



    This archive was generated by hypermail 2b30 : Fri Jul 06 2001 - 08:53:21 PDT