Re: c2 (or c2-like) auditing for Linux

From: Stephen D. Smalley (sdsat_private)
Date: Thu Jan 30 2003 - 11:58:34 PST

  • Next message: Chris Wright: "Re: c2 (or c2-like) auditing for Linux"

    > In order to get any of those messages you will have had to access
    > the object to determine that it's a directory. The access check
    > will have been done (it had better!) before you go looking around
    > in the object.
    
    Sorry, no.  Type checking often occurs before any kind of permission
    check to the object, whether we are talking about DAC or the LSM hook call.
    
    --
    Stephen Smalley, NSA
    sdsat_private
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    



    This archive was generated by hypermail 2b30 : Thu Jan 30 2003 - 11:52:18 PST