> To support more than one module arbitrarily, you need a stacking module.
> I developed one (called "stacker") as a proof-of-principle.
> You can get the "stacker" module as it exists from:
> http://www.dwheeler.com/misc/stacker.c
> However, although I've been monitoring the LSM mailing list,
> I have _not_ tried to modify "Stacker" to keep it up-to-date,
> so you'll need to modify it for it to work.
>
> I agree with you, there are many cases where stacking makes sense.
> In particular, I think it'd be helpful to have multiple small
> modules that store no data - they simply forbid certain suspicious
> activities. If a module stores no data, then it's often
> easy to combine with other things. For example, imagine modules that:
> * Forbid creation of files with certain characters (control chars,
>   leading "-", shell metacharacters like "&").
> * Forbid creating/linking of files in ways that create temp file
>   problems (like OWLSM).
> * Forbid execution of programs not in the root partition.
>
> The key thing to making stacking fast is to do funny pointer
> manipulations so that checking the modules doesn't require
> grabbing a lock. Once you do that, checking the modules is
> simply walking a linked list & calling them - not a zero-cost
> operation, but I expect it won't be bad. However, the only
> real test is to make it work & do a performance measure, something
> I've never gotten around to doing.
>
> Wade Yin: if you want to take over development of a stacker,
> be my guest.

Yes, I'd like to figure it out and do something for that. Now I'm just doing my project here -- trying to use some EA attributes to store the security information of files and programs (that's another topic). If I can get time to do it (stacker), I will...

In multi-policy modules, maybe we should implement some hooks in a stack module as a primary module? If any of the policy modules denied the access, the stack module returns "denied"? I have many details to try to make clear now.

About LSM: maybe we should let it support other security policies, like audit and others, not only access control? Maybe you have this plan already?

There is another project, ACL&EA: Mr. Andreas is trying to save control info into extended attributes of the inode. I think that's a nice idea to store all kinds of info; the disk has huge space to save them, but now there is only 1 block to use, that's a pity!! Or maybe we can connect these 2 projects to provide the base framework for some other security policies?

So many "maybe"s, for I'm not sure whether this project is for Immunix.com or just a project for fans. :-)

Wade Yin

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module
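The stacking idea discussed in this thread (a list of small, data-less policy modules walked in turn, with the stack returning "denied" as soon as any one module denies) is easy to sketch in user-space C. The following is an added illustration written for this archive page; it is not code from dwheeler.com's stacker.c or from the LSM tree. It models a single hook (`inode_create` on a file name, an assumed simplification of the real LSM hook set) and two of the example policies named above: rejecting control characters, and rejecting leading "-" or shell metacharacters. Registration is a single pointer store that prepends to the list, which is the shape that lets readers walk the list without taking a lock; the demo is single-threaded, so no RCU-style publication is shown.

```c
#include <ctype.h>
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* One stacked module: a name and one hook. A real LSM carries many hooks;
 * this assumed single-hook shape keeps the walk visible. */
struct stacked_module {
    const char *name;
    int (*inode_create)(const char *filename); /* 0 = allow, -errno = deny */
    struct stacked_module *next;
};

/* Head of the module list. Prepending publishes a node with one pointer
 * store, so a reader can walk the list without grabbing a lock. */
static struct stacked_module *module_list;

void stacker_register(struct stacked_module *m)
{
    m->next = module_list;
    module_list = m;
}

void stacker_reset(void)
{
    module_list = NULL;
}

/* The stacker's own hook: walk the list and stop at the first denial. */
int stacker_inode_create(const char *filename)
{
    struct stacked_module *m;
    for (m = module_list; m != NULL; m = m->next) {
        int rc = m->inode_create(filename);
        if (rc != 0)
            return rc;             /* any module denying denies the whole stack */
    }
    return 0;
}

/* Policy 1: forbid control characters anywhere in the file name. */
static int no_control_chars(const char *name)
{
    for (; *name; name++)
        if (iscntrl((unsigned char)*name))
            return -EPERM;
    return 0;
}

/* Policy 2: forbid a leading "-" and common shell metacharacters. */
static int no_shell_meta(const char *name)
{
    if (name[0] == '-')
        return -EPERM;
    if (strpbrk(name, "&|;<>`$*?") != NULL)
        return -EPERM;
    return 0;
}

static struct stacked_module mod_ctrl = { "no_control_chars", no_control_chars, NULL };
static struct stacked_module mod_meta = { "no_shell_meta", no_shell_meta, NULL };

/* Build the stack from the two data-less modules above. */
void stacker_setup_demo(void)
{
    stacker_reset();
    stacker_register(&mod_ctrl);
    stacker_register(&mod_meta);
}

int main(void)
{
    /* Constructed sample names, not taken from any real system. */
    const char *names[] = { "report.txt", "-rf", "notes;old", "bad\tname" };
    size_t i;

    stacker_setup_demo();
    for (i = 0; i < sizeof names / sizeof names[0]; i++)
        printf("%-12s -> %s\n", names[i],
               stacker_inode_create(names[i]) == 0 ? "allowed" : "denied");
    return 0;
}
```

Because each module holds no state, adding a third policy is just another `stacker_register` call; the cost of a check is the list walk plus one indirect call per module, which is the "not zero-cost but probably not bad" trade-off the quoted message describes.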
This archive was generated by hypermail 2b30 : Thu Jun 19 2003 - 02:01:21 PDT