On Tue, 16 Jul 2002, Stephen Smalley wrote:

> The dummy
> module should mostly function as expected for traditional superuser logic,
> but will run into a denial on netlink messages due to the lack of the
> netlink changes in this patch.

Sorry, this statement isn't correct. As it currently stands, the dummy security module never touches or uses the task cap_* fields, so these fields retain the initial values inherited from the parent task, going all the way back to the init task. Hence, any direct capability checks against the task cap_* fields by the base kernel (as opposed to calls to capable() or security_ops->capable()) will always succeed when the dummy module is in use.

In the full LSM patch, we replace all such direct capability checks with hook calls so that the dummy module can perform a traditional superuser test. However, the base LSM patch that I posted does not include all of those changes, particularly the netlink changes and the OOM killer changes. We could add those changes to this base patch for completeness if desired, but they are located in the mm code and the netlink code, so it may be preferable to keep them separate.

--
Stephen D. Smalley, NAI Labs
ssmalleyat_private

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Thu Jul 18 2002 - 05:41:20 PDT
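The mail above turns on one design point: a capability test that reads the task's cap_* bits directly bypasses the security module entirely, whereas a test routed through security_ops->capable() lets the loaded module decide. The following C program is an added illustration of that divergence; it is not kernel code and not from the LSM patch or from Stephen Smalley. It is a constructed model: a task carries an euid and a cap_effective bitmask inherited at fork, a hook table points at either a "dummy" module (superuser test, never reads cap_*) or a simplified capabilities module (consults the bitmask), and two check styles are compared. The struct and function names, CAP_FULL_SET, and the euid 1000 child are all assumptions of this model; only CAP_NET_ADMIN (12) and the hook name capable are real kernel identifiers.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model of the situation described in the mail, not kernel code:
 * capability bits live in the task, a hook table routes capable() to whichever
 * module is loaded, and some base-kernel paths test the bits directly. */

#define CAP_NET_ADMIN 12                    /* real kernel value */
#define CAP_TO_MASK(cap) (1u << (cap))
#define CAP_FULL_SET 0xffffffffu            /* assumed: init task holds every bit */
#define EPERM 1

struct task {
    uint32_t euid;
    uint32_t cap_effective;  /* copied verbatim from the parent at fork */
};

struct security_ops {
    int (*capable)(const struct task *tsk, int cap);
};

/* "dummy" module: traditional superuser test; never reads or writes cap_* */
static int dummy_capable(const struct task *tsk, int cap)
{
    (void)cap;
    return tsk->euid == 0 ? 0 : -EPERM;
}

/* simplified capabilities module: consults the effective set */
static int cap_capable(const struct task *tsk, int cap)
{
    return (tsk->cap_effective & CAP_TO_MASK(cap)) ? 0 : -EPERM;
}

static struct security_ops dummy_ops = { dummy_capable };
static struct security_ops cap_ops = { cap_capable };
static struct security_ops *security_ops = &dummy_ops;  /* module currently loaded */

/* Hook-routed check: the loaded module decides. */
static bool capable_hook(const struct task *tsk, int cap)
{
    return security_ops->capable(tsk, cap) == 0;
}

/* Direct check against the task's bits: the module is never consulted. */
static bool cap_raised_direct(const struct task *tsk, int cap)
{
    return (tsk->cap_effective & CAP_TO_MASK(cap)) != 0;
}

/* fork: the child inherits the parent's cap bits untouched. */
static struct task fork_task(const struct task *parent, uint32_t euid)
{
    struct task child = *parent;
    child.euid = euid;
    return child;
}

static struct task make_init_task(void)
{
    struct task t = { 0, CAP_FULL_SET };
    return t;
}

/* With the dummy module loaded, an unprivileged descendant of init still passes a
 * direct cap_* test (the bits were never cleared) but fails the hook (euid != 0).
 * Returns true when exactly that divergence is observed. */
bool dummy_direct_check_diverges(void)
{
    struct task init = make_init_task();
    struct task user = fork_task(&init, 1000);   /* assumed unprivileged euid */
    security_ops = &dummy_ops;
    bool direct = cap_raised_direct(&user, CAP_NET_ADMIN);
    bool hook = capable_hook(&user, CAP_NET_ADMIN);
    return direct && !hook;
}

/* Under the capabilities module the module owns cap_effective, so once it has
 * narrowed the bits for a non-root task the hook and the direct test agree. */
bool cap_module_checks_agree(void)
{
    struct task init = make_init_task();
    struct task user = fork_task(&init, 1000);
    user.cap_effective = 0;   /* modelled: cap module dropped the bits at exec */
    security_ops = &cap_ops;
    bool direct = cap_raised_direct(&user, CAP_NET_ADMIN);
    bool hook = capable_hook(&user, CAP_NET_ADMIN);
    return direct == hook && !hook;
}

int main(void)
{
    printf("dummy module: direct check diverges from hook: %s\n",
           dummy_direct_check_diverges() ? "yes" : "no");
    printf("cap module: direct and hook checks agree: %s\n",
           cap_module_checks_agree() ? "yes" : "no");
    return 0;
}
```

The first function is the case the mail describes: under the dummy module the netlink or OOM-killer path that tests cap_* directly grants the operation to every task, because nothing ever cleared the bits inherited from init, while the same task would be refused by the hook. That is why the full patch routes every such check through security_ops.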