Re: NFSv4

From: Stephen Smalley (sdsat_private)
Date: Mon Aug 06 2001 - 06:59:04 PDT

    On Sat, 4 Aug 2001, Jesse Pollard wrote:
    
    > There are many ways to get labels on files.
    >    2. put a label identifier in the inode (use an unused 32/64 bit field in
    >       the inode), then lookup the identifier in a keyed file on the same
    >       filesystem.
    
    The original SELinux prototype used this approach.  Specifically, we
    stored a persistent security identifier (PSID) in a spare field of the
    ext2 on-disk inode, maintained a file in each file system that
    maps PSIDs to (offset, length) pairs for the variable-length
    security contexts, and maintained a file in each file system with
    the actual security contexts.
    
    >    3. keep a key file containing the label indexed by inode (most generic) the
    >       key file must reside on the same media as the filesystem.
    
    The LSM-based SELinux prototype uses an approach similar to this one,
    but slightly different.  We have a file that maps inode numbers to PSIDs
    to replace our use of the spare field in the ext2 on-disk inode (since
    this isn't feasible using LSM), and then we still have the other
    two files for mapping PSIDs to contexts.
    
    > The advantage of 2 over 3 is that the same identifier may be used on multiple
    > files.
    
    You can achieve the same goal with #3 - you can keep the level of
    indirection provided by the identifiers (PSIDs).
    
    > The advantage of 3 over the rest is that it can be done on any filesystem that
    > has inode numbers on disk. This even includes the possibility of using the inode
    > as a key to an identifier, which in turn is a key to the label.
    
    Yes, this is what the LSM-based SELinux prototype does.
    
    --
    Stephen D. Smalley, NAI Labs
    ssmalleyat_private
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
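The three-file layout the message describes (an inode-number-to-PSID map, a PSID-to-(offset, length) index, and a file holding the variable-length contexts) as an added, constructed model; this is not code from the SELinux prototype or the list post, and the fixed record layouts, the reserved PSID 0 and the sample context strings are assumptions made for illustration.

```python
import struct

# Constructed model of the PSID indirection scheme: inode -> PSID -> (offset,
# length) -> context. Record layouts are assumptions, not the prototype's format.
INODE_REC = struct.Struct("<QI")   # inode number (64-bit), PSID (32-bit)
INDEX_REC = struct.Struct("<II")   # (offset, length) into the contexts file


def build_label_files(labels):
    """labels: dict of inode number -> security context string.
    Returns the bytes of the three per-filesystem files. Equal contexts share
    a single PSID, which is the indirection the message says #3 can keep."""
    psid_of = {}                      # context -> PSID
    inode_map, index, contexts = bytearray(), bytearray(), bytearray()
    for ino, ctx in sorted(labels.items()):
        if ctx not in psid_of:
            psid_of[ctx] = len(psid_of) + 1          # PSID 0 reserved: unlabeled
            raw = ctx.encode() + b"\0"
            index += INDEX_REC.pack(len(contexts), len(raw))
            contexts += raw
        inode_map += INODE_REC.pack(ino, psid_of[ctx])
    return bytes(inode_map), bytes(index), bytes(contexts)


def lookup_psid(ino, inode_map):
    """Scan the inode map for ino; return its PSID or None if unlabeled."""
    for off in range(0, len(inode_map), INODE_REC.size):
        rec_ino, psid = INODE_REC.unpack_from(inode_map, off)
        if rec_ino == ino:
            return psid
    return None


def context_of_psid(psid, index, contexts):
    """Resolve a PSID through the index into the contexts file, validating
    that the index entry actually points at a complete NUL-terminated record."""
    if psid < 1 or psid * INDEX_REC.size > len(index):
        raise ValueError("PSID %d has no index entry" % psid)
    coff, clen = INDEX_REC.unpack_from(index, (psid - 1) * INDEX_REC.size)
    raw = contexts[coff:coff + clen]
    if len(raw) != clen or not raw.endswith(b"\0"):
        raise ValueError("index entry for PSID %d is out of sync" % psid)
    return raw[:-1].decode()


def lookup_context(ino, inode_map, index, contexts):
    psid = lookup_psid(ino, inode_map)
    return None if psid is None else context_of_psid(psid, index, contexts)
```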
    This archive was generated by hypermail 2b30 : Mon Aug 06 2001 - 07:00:31 PDT