Seth Arnold wrote: > On Mon, Jul 23, 2001 at 12:05:12PM -0700, KRAMER,STEVEN (HP-USA,ex1) wrote: > > Are we to use the Linux man pages as a functional spec for the interfaces > > that LSM must continue to respect? > > If this were *BSD, where the manpages are kept reliably up-to-date, I'd > unhesitatingly say Yes. However, given that some of these manpages > haven't been touched since 1994 or earlier, perhaps there is some other > source that we shold be using instead? I'm still catching up on mail, and have to hit the road soon, so a full, more coherent response to Steve Kramer's post will be forth coming. In the mean time, IMHO LSM should not impose a policy on what gets returned. It should be the default case that the dummy LSM module returns the same codes that Linux does now. It should be easy for modules to continue returning the standard Linux codes, to preserve compatibility. But it should also be possible for a module to set its own policy, and return any code it wants. Now, with respect to the DAC/MAC sequence order: various parties want MAC checked first, so that there is not a covert channel via the different MAC/DAC error codes returned. I submit that the existance of this covert channel is *created* by modules that return non-standard codes. To close the covert channel, stick to the standard codes. Comments? (I know, asking for comments is redundant :-) Crispin -- Crispin Cowan, Ph.D. Chief Scientist, WireX Communications, Inc. http://wirex.com Security Hardened Linux Distribution: http://immunix.org Available for purchase: http://wirex.com/Products/Immunix/purchase.html _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Mon Jul 23 2001 - 12:30:31 PDT