Re: get_write_access hook

From: Crispin Cowan (crispinat_private)
Date: Tue Oct 02 2001 - 09:38:07 PDT


    Casey Schaufler wrote:
    
    >Greg KH wrote:
    >
    >>Um, hooks that do nothing but let the module know what the kernel is
    >>doing at a point in time, don't seem to be under the lsm charter right
    >>now.  Like David Wagner said, it smells like audit.
    >>
    >There are a lot of hooks which are useful for audit. Are you
    >going to take them out because of that? I would hope that the
    >goal here is "not to do audit" as opposed to "prevent audit
    >from being done". The fact that a hook might be useful for audit
    >ought not poison it when it's good for other purposes as well.
    >
    What Casey describes has always been my intent: that phase 1 should 
    enable access control, and anything else that might happen is a bonus.
    
    I believe that Greg's post was a question looking for some access 
    control justification for a hook that appears to supply simple 
    notification of an event, which would normally be a "pure" audit 
    feature.  Our access control justification in this case is that we will 
    use the notification to invalidate certification of a program's right to 
    run.
    
    >I would also hope that we, as a group, could be just a touch
    >less judgemental regarding the uses others plan to put LSM
    >to. I don't much care what policy Steven, Crispin, or Greg
    >might want, but I do want y'all to be successful with LSM.
    >
    To reiterate the feature policy: we don't care what any module developer 
    proposes to do with their module, but we won't add a feature to Phase 1 
    without an access control justification.  Whether that is judgemental or 
    not is a matter of perspective :-)
    
    With that out of the way, hopefully we can return to evaluating whether 
    the community buys our AC justification for Seth's requested hook.
    
    Crispin
    
    -- 
    Crispin Cowan, Ph.D.
    Chief Scientist, WireX Communications, Inc. http://wirex.com
    Security Hardened Linux Distribution:       http://immunix.org
    Available for purchase: http://wirex.com/Products/Immunix/purchase.html
    
    
    
    


