Re: Legitimate Question

From: jmjonesat_private
Date: Fri Jan 25 2002 - 05:20:23 PST

    On Thu, 24 Jan 2002, Crispin Cowan wrote:
    
    > jmjonesat_private wrote:
    > 
    > >Um, the only problem I have is getting the executable I write to be "full
    > >permission" on a variety of systems.
    > >
    > ... bypassing security.
    
    Not exactly.  The 'executable' I was referring to would be the "permission
    tester" used during install, which would have to have both its own
    permission to do things and be able to adopt the permission of the
    application being installed (setsec()?) to determine if it will have
    permission to do things when operating (a special permission in itself).
    The way I phrased it betrays my LSM-incorrect "root permission followed by
    setuid/setgid" thinking.
    
    Similar to running an install script as root and then checking the
    owner/group/permissions of pre-existing files and directories to
    determine if the application will have the access it needs and adjusting
    (or failing) the installation appropriately.  
    
    > It CANNOT be done in a cross-module manner. At best, you can write one 
    > program that speaks the language of several modules. That is as 
    > cross-module as it is ever going to get.
    
    Yes, thanks to this discussion I see that you are correct.  My question
    was based on the observation that different modules will use different
    strategies and, until the target application is actually running, it is
    not evident from examination of the permissions of various resources if it
    will actually have permission to access anything.  Shell scripts that use
    code such as
    
    if test -r filename
    then
    ...
    else
    ...
    fi
    
    no longer necessarily indicate that the file will be readable by
    another application running as the same owner/group as the testing script.
    
    I was hoping for some sort of 
    
    if test --As_If_I_Was other_app -r filename
    ...
    
    that would provide similar function across LSM modules. 
    
    This will require a different sort of thinking and I was trying to get a
    handle on what it will mean for "installer mechanisms" that I'm using.
    I now see that the version of 'test' will have to match the module 
    and it's not going to be likely there can be a "one version fits all"
    solution.
    
    > 
    > Crispin
    > 
    > -- 
    > Crispin Cowan, Ph.D.
    > Chief Scientist, WireX Communications, Inc. http://wirex.com
    > Security Hardened Linux Distribution:       http://immunix.org
    > Available for purchase: http://wirex.com/Products/Immunix/purchase.html
    
    Thanks,
    J. Melvin Jones
    
    |>------------------------------------------------------
    ||  J. MELVIN JONES            jmjonesat_private 
    |>------------------------------------------------------
    ||  Microcomputer Systems Consultant  
    ||  Software Developer
    ||  Web Site Design, Hosting, and Administration
    ||  Network and Systems Administration
    |>------------------------------------------------------
    ||  http://www.jmjones.com/
    |>------------------------------------------------------
    
    
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
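
An added example of the "one program that speaks the language of several modules" approach the exchange above arrives at; it is not code from the message or from any LSM project. It assumes the coreutils `runcon` utility on hosts running SELinux and the AppArmor `aa-exec -p` utility on hosts running AppArmor; the `selinux:<context>` / `apparmor:<profile>` label formats and the `probe_read` / `install_check` names are invented for the example. Instead of `test -r`, which answers for the installer's own identity, it attempts a real open inside the target confinement:

```shell
#!/bin/sh
# Added example, not from the list post.  Answer "would the application,
# not the installer, be able to read this file?" by performing the open
# under the application's own confinement.  The label formats and the
# reliance on runcon / aa-exec are assumptions about the host, not facts
# stated in the original message.

# probe_read LABEL PATH
#   LABEL is "selinux:<context>", "apparmor:<profile>", or "" (no confinement).
#   Returns 0 if an open-for-read succeeds under that confinement,
#   1 if the open is denied, 2 if the probe itself could not be run.
probe_read() {
    label=$1
    path=$2
    # The probe is a real open(2) on fd 3 in a throwaway shell, so whatever
    # the module checks at open time is exercised.  test -r uses access(2),
    # which a module may mediate differently, and which in any case runs
    # with the caller's identity, not the application's.
    case $label in
        selinux:*)
            ctx=${label#selinux:}
            if ! command -v runcon >/dev/null 2>&1; then
                echo "probe_read: runcon not available; cannot probe as $ctx" >&2
                return 2
            fi
            # Requires the installer's domain to be allowed to transition to $ctx.
            runcon "$ctx" -- sh -c 'exec 3<"$1"' _ "$path" 2>/dev/null
            ;;
        apparmor:*)
            profile=${label#apparmor:}
            if ! command -v aa-exec >/dev/null 2>&1; then
                echo "probe_read: aa-exec not available; cannot probe as $profile" >&2
                return 2
            fi
            aa-exec -p "$profile" -- sh -c 'exec 3<"$1"' _ "$path" 2>/dev/null
            ;;
        "")
            # No module-specific identity: plain open as the caller.
            sh -c 'exec 3<"$1"' _ "$path" 2>/dev/null
            ;;
        *)
            echo "probe_read: unknown label format '$label'" >&2
            return 2
            ;;
    esac
}

# install_check LABEL PATH
#   What an install script does with the answer: proceed, or fail loudly
#   before leaving a half-installed application that cannot read its files.
install_check() {
    if probe_read "$1" "$2"; then
        echo "ok: $2 readable under ${1:-caller identity}"
        return 0
    fi
    echo "refusing to install: $2 not readable under ${1:-caller identity}" >&2
    return 1
}
```

Call it from the install script as `install_check selinux:system_u:system_r:myapp_t:s0 /etc/myapp.conf` (the context is made up). Two caveats a practitioner should keep in mind: the installer's own domain must be permitted to transition to the target domain, or the probe fails for a reason unrelated to the file (the exit code 2 path distinguishes a missing tool, but a denied transition still looks like a denied open); and the answer is a snapshot of policy at install time, so the application must still cope with EACCES at run time.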
    



    This archive was generated by hypermail 2b30 : Fri Jan 25 2002 - 05:21:37 PST