Re: State of Audit Proposal ?

• Previous message: Seth Arnold: "Re: Patch Acceptance Procedure"
• In reply to: KRAMER,STEVEN (HP-USA,ex1): "RE: State of Audit Proposal ?"
• Next in thread: Crispin Cowan: "Re: State of Audit Proposal ?"
• Next in thread: KRAMER,STEVEN (HP-USA,ex1): "RE: State of Audit Proposal ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* KRAMER,STEVEN (HP-USA,ex1) (steven_kramerat_private) wrote:
> 
> I'm also curious as to why you don't think Linux is an appropriate
> system for which to eliminate covert channels.

the best example is -ENOENT vs -EPERM (or -EACCES).  these values
are returned for different reasons from different points in the code.
so it is not as simple as let the MAC test determine the error it wants
to return.  linux source makes no attempt at single points of return
from functions.  you'll see many functions that use goto to try and get
a single point of return, but just as many functions don't.  so the code
audit required to assure yourself that you've managed every code return
path is high cost/low reward, IMHO.

-chris

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module

• Next message: Chris Wright: "Re: State of Audit Proposal ?"
• Previous message: Seth Arnold: "Re: Patch Acceptance Procedure"
• In reply to: KRAMER,STEVEN (HP-USA,ex1): "RE: State of Audit Proposal ?"
• Next in thread: Crispin Cowan: "Re: State of Audit Proposal ?"
• Next in thread: KRAMER,STEVEN (HP-USA,ex1): "RE: State of Audit Proposal ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Jul 23 2001 - 18:42:22 PDT