Re: Making forward progress

From: Stephen Smalley (sdsat_private)
Date: Mon Aug 06 2001 - 13:11:15 PDT

    On Mon, 6 Aug 2001 jmjonesat_private wrote:

    > If you didn't think this [authoritative hooks] was reasonable, I also
    > wonder... "why bother?"

    At the time, I was making a major pass through all of the LSM hooks
    to fix or improve various aspects, and there had been
    substantial discussion about authoritative hooks, so I decided to
    experiment with implementing them at that time.  That doesn't
    mean that I was sold on the idea of authoritative hooks, just
    that it seemed worth investigating.

    The resulting patch was definitely more invasive and more
    error-prone than for restrictive hooks (no surprise there),
    particularly for complex sequences of DAC logic.  Furthermore,
    it was not always practical to provide an authoritative hook
    since the DAC logic was sometimes intertwined with the
    functional logic.  Of course, in the latter case, it is also
    difficult to move the restrictive hook after the DAC logic.

    It was also not clear how much benefit was provided by
    the resulting patch, since the existing capable() hook could be
    used for coarse-grained permissive behavior or to completely
    override DAC.  Fine-grained permissive behavior seemed
    easily deferrable to a later phase of LSM.

    Stephen D. Smalley, NAI Labs

    linux-security-module mailing list
