David Wagner wrote: > Greg KH wrote: > >Ah, but Stephans program should first validate that the kernel is > >running SELinux by some other method than the syscall [...] > > Are there race conditions here? What if someone does a > 'rmmod selinux; insmod subdomain' between the time when > you check for the presence of SELinux and use the syscall? Isn't that isomorphic to the problem of "what if the bad guy got control of the machine before my module loaded?" To me, anyone who can do "rmmod" is either a trusted administrator, or has already broken security so hopelessly that it's not worth arguing about. Similarly, I understand that RPM is not concurrent-safe, and you'll hose your system if you issue two parallel RPM commands as root. There are just some things that an admin ought not do :-) Crispin -- Crispin Cowan, Ph.D. Chief Scientist, WireX Communications, Inc. http://wirex.com Security Hardened Linux Distribution: http://immunix.org Available for purchase: http://wirex.com/Products/Immunix/purchase.html _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Fri Aug 10 2001 - 18:07:41 PDT