Re: Port of secure fd handling to LSM

From: David Wagner (dawat_private)
Date: Tue Aug 07 2001 - 10:29:09 PDT

    richard offer wrote:
    >But the argument was that fds are not useful for any policy. 
    
    No, I think you're mis-stating the argument.  (At least, that wasn't
    *my* argument.)  The argument was that there seems to be little reason
    to pass the fd into, for example, the read() hook.  I can't think of a
    plausible access control policy that this is necessary for.
    
    >The policy could have been implemented by using the fd parameters to the
    >file_ops hooks and revoking access on read/write, but that would have meant
    >adding new hooks (open/post_open/close) and misleading since this was the
    >obvious way of implementing the policy (that's how Solar implemented it). I
    >was honest.
    >
    >I can't win.
    
    I hope I don't have to say that the LSM list is not about whose ideas win
    -- it is about a joint endeavour to learn how best to support access control
    policies in Linux.  The more we learn about this, the more we all win.
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    



    This archive was generated by hypermail 2b30 : Tue Aug 07 2001 - 10:50:04 PDT