Re: Stacking - anyone care how to report module id's?

• Previous message: Greg KH: "Re: Stacking - anyone care how to report module id's?"
• In reply to: Greg KH: "Re: Stacking - anyone care how to report module id's?"
• Next in thread: Greg KH: "Re: Stacking - anyone care how to report module id's?"
• Next in thread: Crispin Cowan: "Re: Stacking - anyone care how to report module id's?"
• Reply: Greg KH: "Re: Stacking - anyone care how to report module id's?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Greg KH wrote:

>Huh?  What is going to scale poorly?  The current sys_security() call?
>I don't see anything in the current code tha scales badly.  All I hear
>is vague statements about how some code, sometime in the future that
>impmenents a sys_security() hook, might not scale well.
>
Thus is the nature of API design: you design the interface for 
anticipated future needs, not just what's on the table. "640k ought to 
be enough for anybody." :)

>Come on people, if there is a real problem, I'd be glad to deal with it.
>And as there is no posted code showing a problem,
>
But there IS code dealing with it: David came to the group *with code* 
and pointed out that he cannot reasonably implement his Stacker function 
with the API as-is. I don't count the polling response as "reasonable"; 
that's a kludge to get around a limitation in the API.

> I think this thread
>should just die.
>
Unlikely, since all posters support the API change except you :)  At the 
very least, it would take several people posting with more persuasive 
arguments than "I don't feel like it" to kill the thread.

On the other hand, Greg's made his views quite clear, and we shouldn't 
expect *him* to do the implementation change. I'm actually waiting for 
Chris to return from vacation (should be today, IIRC) before taking a 
definitive stand. But once Chris does get back, I have a thing or two :) 
for him to do before he gets around to changing this API. Does anyone 
else want it enough to do the work?

>>>The policies for OWLSM are already able to be turned on and off at
>>>config time.
>>>      
>>>
>>And the next thing you know, somebody will want it on a per-process basis. ;)
>>    
>>
>And you want to call sys_security() when every sys_execev() happens?
>You need to rethink your model, or use the existing hooks that are
>already present for just such a need :)
>
Not on every exec, but it is plausible for a process (e.g. Courier) to 
make a syscall of 
sys_security("allow-me-to-hard-&-soft-link-thankyouverymuch"). Issuing 
commands to modules is what sys_security is for; I don't see this as a 
violation of the hooking model.

Crispin

P.S.  Yes, I see the security problem in letting processes manage their 
own security policies. Its just an example, and can be mitigated, but it 
would make the post longer and distract from the point.

-- 
Crispin Cowan, Ph.D.
Chief Scientist, WireX                      http://wirex.com/~crispin/
Security Hardened Linux Distribution:       http://immunix.org
Available for purchase: http://wirex.com/Products/Immunix/purchase.html


_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module

• Next message: Greg KH: "Re: Stacking - anyone care how to report module id's?"
• Previous message: Greg KH: "Re: Stacking - anyone care how to report module id's?"
• In reply to: Greg KH: "Re: Stacking - anyone care how to report module id's?"
• Next in thread: Greg KH: "Re: Stacking - anyone care how to report module id's?"
• Next in thread: Crispin Cowan: "Re: Stacking - anyone care how to report module id's?"
• Reply: Greg KH: "Re: Stacking - anyone care how to report module id's?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Aug 26 2002 - 11:03:26 PDT