From: jmjonesat_private
Date: Fri Aug 03 2001 - 09:08:01 PDT

    More words from Linus:

    > I would, for example, be willing to entertain the notion of having a
    > (global or per-process or whatever) pointer to a "security checks"
    > structure:
    >         struct security_checks_struct {
    >                 int (*execve)(struct task_struct *tsk,struct binprm *new);
    >                 int (*file_open)(struct file *);
    >                 int (*raise_capability)(...
    >                 ...
    >                 ... selinux had about 140 points they wanted to hook into  ..
    >                 ... others probably have a few more.
    >                 ...
    >         };

    We've got this now... in fact, we have 140 hooks, at present. :)

    > and then just have an opaque per-security-model security ID thing scattered
    > around in critical places (the obvious being the thread structure, files,
    > directory cache, inodes, etc).

    We have this, with our security blobs...

    > And instead of having _any_ policy at all,
    > the kernel would just call the security procedure. Which might choose to
    > fail (-EFASCIST) or might choose to return success but silently downgrade
    > the security of the process that does the action, or whatever.

    This, we clearly don't have.  We have preserved the in-kernel (DAC)
    policies methodically and pre-emptively, to the serious inhibition of
    "whatever".  Also, the kernel doesn't "just call the security procedure",
    it goes through all the security checks it ever did, then ADDITIONALLY
    calls the security procedure... turning it into a pure-cost issue.

    This would seem to imply that moving DAC to a module would be entertained
    by Linus and might even more closely fit his requirements.

    *Shrug*, Two Out of Three?

    J. Melvin Jones
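
The two call patterns contrasted in this message, as an added user-space sketch that is not code from the message, the kernel or the LSM patch. Only `security_checks_struct` and `file_open` appear in the quoted text; the simplified DAC check, the integer-level label module and all other names are assumptions made for illustration.

```c
#include <errno.h>

/* User-space model, not kernel code. Only security_checks_struct and
 * file_open come from the quoted text; every other name is hypothetical. */
struct file { unsigned owner_uid, mode; void *security; }; /* opaque blob */
struct task { unsigned uid; void *security; };
struct security_checks_struct { int (*file_open)(struct file *); };
static const struct task *current_task; /* stands in for the calling task */

/* Classic DAC read check, simplified to owner/other read bits. */
static int dac_file_open(struct file *f)
{
    unsigned bit = (current_task->uid == f->owner_uid) ? 0400 : 0004;
    return (f->mode & bit) ? 0 : -EACCES;
}

/* Sample module: each blob is an int level; no reading above your level. */
static int label_file_open(struct file *f)
{
    int fl = f->security ? *(int *)f->security : 0;
    int tl = current_task->security ? *(int *)current_task->security : 0;
    return fl <= tl ? 0 : -EPERM;
}

/* Model described in the reply: built-in DAC first, hook can only deny. */
static int open_restrictive(const struct security_checks_struct *ops, struct file *f)
{
    int rc = dac_file_open(f);
    return rc ? rc : ((ops && ops->file_open) ? ops->file_open(f) : 0);
}

/* Model in the quoted text: no built-in policy, the hook alone decides. */
static int open_authoritative(const struct security_checks_struct *ops, struct file *f)
{
    return ops->file_open(f);
}

/* DAC "moved to a module": the same check, now reached through the table. */
static const struct security_checks_struct dac_module = { dac_file_open };
static const struct security_checks_struct label_module = { label_file_open };

int main(void)
{
    int lvl = 1;
    struct task t = { 1000, &lvl };
    struct file f = { 0, 0600, &lvl }; /* constructed: owned by uid 0, same level */
    current_task = &t;
    return !(open_restrictive(&label_module, &f) == -EACCES &&
             open_authoritative(&dac_module, &f) == -EACCES &&
             open_authoritative(&label_module, &f) == 0);
}
```

With DAC loaded as the module, the authoritative path gives the same answer as the built-in check with a single call; with only the label module loaded, the decision rests entirely on that module.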
