Re: Design scope of a security policy module

From: Greg KH (gregat_private)
Date: Mon Nov 04 2002 - 08:34:46 PST

  • Next message: Chris Wright: "Re: insmod"

    On Mon, Nov 04, 2002 at 03:22:22PM +0000, Henrę Țór Baldursson wrote:
    > 	I'm not here to debate licensing issues. I'm here rather to investigate
    > how extensive the framework is. What the design scope of a security
    > policy module should be. For example with regards to access control to
    > files, more specifically where the access control verdict depends on the
    > content of files, it seems logical to me for the framework to cache
    > verdicts in order to reduce resource usage and increase responsiveness
    > of the system.
    > 	When an access control policy, whose only factor is content, is applied
    > to a file. That policy should not need to be applied to said file until
    > its content changes, or a reasonable amount of time has passed. And I,
    > personally, feel that this functionality belongs in the framework rather
    > than in something called a "security policy module". 1) Because caching
    > verdicts has nothing to do with security, it has to do with reducing
    > latency in the framework's design. 2) Because this would prevent people
    > from excessively redesigning the wheel and causing code obesity.
    > 	My questions are: Has/Should this functionality be implemented in the
    > framework rather than in security policy modules? What are your opinions
    > on the matter?
    Hm, do you have any specific examples of function calls that should be
    "cached"?  And how do you know if (for example) a file's content's
    hasn't changed from the last time it was accessed, within the existing
    hooks (like the read() hook for example)?
    At first glance I would say that there should not be anything within the
    framework to accomplish such "cacheing" as the framework is nothing but
    a bunch of function calls that would point to your code.  You could
    accomplish the caching just as fast as anything within the framework
    could do.
    A simple example patch for what you are wanting to accomplish would be
    helpful in explaining your concept here.
    greg k-h
    linux-security-module mailing list

    This archive was generated by hypermail 2b30 : Mon Nov 04 2002 - 08:39:23 PST