Re: Authoritative hooks updated to 2.4.13

From: Crispin Cowan (crispinat_private)
Date: Sun Oct 28 2001 - 17:30:27 PST

  • Next message: jmjonesat_private: "Re: Authoritative hooks updated to 2.4.13"

    jmjonesat_private wrote:
    
    >For the peanut gallery, and because this concern seems to be outside LSM's
    >defined concern of "access restriction" (which is a hazy and largish
    >area),
    >
    Begging to differ, but "access control" is very well defined: it is the 
    setting and enforcement of policies that determine which subjects 
    (users, processes) may access which objects (files, other passive 
    object) and subjects (processes can affect other processes). This is not 
    just my humble opinion, these are formal definitions: see the classic 
    Saltzer & Schroeder (again :-)
    http://web.mit.edu/Saltzer/www/publications/protection/index.html
    
    > I would like to state that I don't see the ptrace problem as being
    >within the interest/scope of LSM, but I do see it as being within the
    >scope of Linux Security.
    >
    Since ptrace is the interface by which some subjects (processes) affect 
    other subjects, it is well within the formal definition of access 
    control.  QED.
    
    Crispin
    
    -- 
    Crispin Cowan, Ph.D.
    Chief Scientist, WireX Communications, Inc. http://wirex.com
    Security Hardened Linux Distribution:       http://immunix.org
    Available for purchase: http://wirex.com/Products/Immunix/purchase.html
    
    
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    



    This archive was generated by hypermail 2b30 : Sun Oct 28 2001 - 17:32:33 PST