ACLs and Extended Attributes (was: MAC before DAC vs DAC before MAC)

From: Crispin Cowan (crispinat_private)
Date: Sat Jul 28 2001 - 20:07:09 PDT

  • Next message: Chris Wright: "Re: [ADMIN] mail list outage"

    jmjonesat_private wrote:
    
    > I have heard that there's another project dealing with ACLs, but I wonder
    > if these are NOT Linux Security and if they ARE, shouldn't we give some
    > thought thereto?
    
    ACLs are one form of "extended attributes".  File system attributes are things like user
    and group ownership and mode bits attached to each file and directory in the file system.
    Many classical security models depend on having more attributes than these attached to
    files, such as ACLs (lists of subjects that may access the file) or MAC labels.  This is
    all deep in the guts of the file system, and so needs to be owned by the respective
    developers of the various file systems (EXT3, Reiser, XFS, JFS, etc.).
    
    Further, extended attributes depend on a whole bunch of file system commands being able to
    display and manipulate the extended attributes, e.g. ls and chmod must be able to do
    something with the extended attributes.
    
    Making all this stuff work has WAY too many dependencies for LSM to depend on any of
    them.  At best, we should allow modules to access this functionality, but that's
    problematic, because the functionality is specific to the file system, and thus may not be
    there depending on which file system is in use.
    
    Does anyone know whether the VFS layer provides sufficient information to abstractly
    access extended attribute information?  If so, great.  If not, then we'll have an ugly
    mess connecting an LSM module to a file system-specific extended attribute facility.
    
    Crispin
    
    --
    Crispin Cowan, Ph.D.
    Chief Scientist, WireX Communications, Inc. http://wirex.com
    Security Hardened Linux Distribution:       http://immunix.org
    Available for purchase: http://wirex.com/Products/Immunix/purchase.html
    
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    



    This archive was generated by hypermail 2b30 : Sat Jul 28 2001 - 20:09:04 PDT