* James Morris (jmorrisat_private) wrote: > On Tue, 24 Jul 2001, Wayne Salamon wrote: > > > > > OK, but how many hooks do we want? Minimal, correct? Looking at ioctl.c, > > > > I would suggest that we simply start by adding all of the hooks that are > needed for each of the LSM-based projects and refactor as appropriate. I > don't think we can anticipate every possible case at this stage. > > Let us assume that the combined requirements of selinux, rsbac, dte, sgi, > immunix etc. constitute a reasonably generic set of security requirements > for the kernel. > > In the netdevice case, we are checking userspace data and the hook needs > to be down at the level where the data is normally copied. Also, I feel > that the hook granularity is correct for this case, and provides a useful > level of abstraction to the LSM module developer. "as abstract as possible and no abstractor" -unknown i fully agree. this demonstrates the typical schism between the kernel mainline development and security projects. speed and maintainability dictate kernel choices. while security assurance dictate our needs. clearly we must handle user data _after_ copied into the kernel (by core kernel code). we will not do it any other way. this is unfortunate when it requires us to sprinkle our hooks all over the place, but this is reality right now. -chris _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Wed Jul 25 2001 - 11:56:37 PDT