Attached are patches against the 2.6.0-test kernel to implement BSD Secure Levels as an LSM. seclvl-hooks.diff contains requisite hooks to implement some of the Secure Levels policies. Note that a settime hook currently exists in the LSM BK tree. It is not, however, in the kernel tree, and our patches apply to that tree. seclvl.diff contains the module code and the modifications to the Kconfig file to provide the config menu option. To address the fact that some administrators may wish to perform certain operations disallowed by the seclvl module, we have provided functionality whereby the administrator can, at the time that he loads the module, specify an executable that, when executed, will reduce the secure level to 0. It is assumed that the administrator, should he choose to use this feature, will employ additional security measures (i.e., stacking another module), to prevent it from being abused. Please take some time to look this over and provide feedback. It is meant to be nothing more than a lightweight security measure that an administrator who is already familiar with BSD Secure Levels can just pop into the kernel with reasonable expectations that he will get equivalent functionality. Mike Halcrow Security Software Engineer, IBM Linux Technology Center
This archive was generated by hypermail 2b30 : Thu Nov 20 2003 - 14:26:28 PST