Re: NFSv4

From: Crispin Cowan (crispinat_private)
Date: Sat Aug 04 2001 - 20:04:40 PDT

  • Next message: James Morris: "Re: Low-level network hooks and rtnetlink"

    Jesse Pollard wrote:
    > There are many ways to get labels on files.
    >    1. put the label in the inode (requires significant modification to the
    >       inode - the label may have a LOT of bits)
    I.e. use a file system that provides native support for extended attributes.
    >    2. put a label identifier in the inode (use an unused 32/64 bit field in
    >       the inode), then lookup the identifier in a keyed file on the same
    >       filesystem.
    >    3. keep a key file containing the label indexed by inode (most generic) the
    >       key file must reside on the same media as the filesystem.
    Some variation of this is what the CBOSS project is doing for FreeBSD.
    While the "how" of labeling files is an interesting and important security question, it
    is not really an LSM question.  It is an issue for file system developers.
    > It also would appear that it would be possible (not necessarily desirable, or easy)
    > for the LSM to be capable of bypassing the VFS to access the extended features
    > provided by the filesystem - provided the filesystem DID have a hook in the file ops
    > to access these features. The LSM may be able to use the "lsm_inode_permission" as a
    > way to evaluate the extended feature.
    That's an interesting notion.  Would taking this approach result in an LSM module that
    will only load if the loaded file system has been appropriately hooked?  Or is it
    possible to have a module go looking for a hook function, and then just shrug it off if
    the hook function is not found?
    > It seems more likely that such an ability would be used to evaluate the capability,
    > debug the feature, test... before such a feature is added to the VFS.
    That does seem like a constructive way to approach the "enhance VFS" problem.
    Crispin Cowan, Ph.D.
    Chief Scientist, WireX Communications, Inc.
    Security Hardened Linux Distribution:
    Available for purchase:
    linux-security-module mailing list

    This archive was generated by hypermail 2b30 : Sat Aug 04 2001 - 20:05:45 PDT