On Sat, 4 Aug 2001, Jesse Pollard wrote:

> There are many ways to get labels on files.

> 2. put a label identifier in the inode (use an unused 32/64 bit field in
> the inode), then lookup the identifier in a keyed file on the same
> filesystem.

The original SELinux prototype used this approach. Specifically, we stored a persistent security identifier (PSID) in a spare field of the ext2 on-disk inode, maintained a file in each file system that maps PSIDs to (offset, length) pairs for the variable-length security contexts, and maintained a file in each file system with the actual security contexts.

> 3. keep a key file containing the label indexed by inode (most generic) the
> key file must reside on the same media as the filesystem.

The LSM-based SELinux prototype uses an approach similar to this one, but slightly different. We have a file that maps inode numbers to PSIDs to replace our use of the spare field in the ext2 on-disk inode (since this isn't feasible using LSM), and then we still have the other two files for mapping PSIDs to contexts.

> The advantage of 2 over 3 is that the same identifier may be used on multiple
> files.

You can achieve the same goal with #3 - you can keep the level of indirection provided by the identifiers (PSIDs).

> The advantage of 3 over the rest is that it can be done on any filesystem that
> has inode numbers on disk. This even includes the possibility of using the inode
> as a key to an identifier, which in turn is a key to the label.

Yes, this is what the LSM-based SELinux prototype does.

--
Stephen D. Smalley, NAI Labs
ssmalleyat_private

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module
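A worked model of the three-file label store described in the reply above (inode number to PSID, PSID to (offset, length), and the contexts file), as an added example that is not part of the original post or of SELinux's own code; the class, field names, PSID numbering and sample contexts are assumptions. It also shows the consistency check a dangling PSID would fail.

```python
# Added example: in-memory model of the per-filesystem label store the
# reply describes. Names, layout and sample values are assumptions.
from typing import Dict, Tuple


class LabelStore:
    """inode_to_psid: inode number -> persistent security identifier (PSID)
    psid_index:    PSID -> (offset, length) into the contexts blob
    contexts:      concatenated variable-length security context strings"""

    def __init__(self) -> None:
        self.inode_to_psid: Dict[int, int] = {}
        self.psid_index: Dict[int, Tuple[int, int]] = {}
        self.contexts = bytearray()

    def psid_for_context(self, context: str) -> int:
        """Return the PSID for a context, appending it to the blob if new."""
        raw = context.encode()
        for psid, (off, ln) in self.psid_index.items():
            if self.contexts[off:off + ln] == raw:
                return psid  # same context -> same PSID, shared by many files
        psid = len(self.psid_index) + 1  # PSID 0 reserved as "unlabeled"
        self.psid_index[psid] = (len(self.contexts), len(raw))
        self.contexts += raw
        return psid

    def label(self, inode: int, context: str) -> int:
        """Assign a context to an inode; returns the PSID recorded for it."""
        psid = self.psid_for_context(context)
        self.inode_to_psid[inode] = psid
        return psid

    def context_of(self, inode: int) -> str:
        """Two-step lookup: inode -> PSID -> (offset, length) -> context."""
        psid = self.inode_to_psid[inode]
        off, ln = self.psid_index[psid]
        return bytes(self.contexts[off:off + ln]).decode()

    def check(self) -> list:
        """Dangling PSIDs or out-of-range index entries leave files unlabeled."""
        problems = []
        for inode, psid in self.inode_to_psid.items():
            if psid not in self.psid_index:
                problems.append(f"inode {inode}: unknown PSID {psid}")
        for psid, (off, ln) in self.psid_index.items():
            if off + ln > len(self.contexts):
                problems.append(f"PSID {psid}: index past end of contexts file")
        return problems
```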
This archive was generated by hypermail 2b30 : Mon Aug 06 2001 - 07:00:31 PDT