Re: PROBLEM: A Capability LSM Module serious bug

From: Chris Wright (chrisw@private)
Date: Mon Dec 08 2003 - 10:26:59 PST


    * Serge E. Hallyn (hallyn@private) wrote:
    > The main question is do we declare cap_effective to belong solely to
    > capability.c, or do we want capability.c to trust previous LSM's
    > computations of those values?  So, even with the current case, if we
    > insmod, rmmod, then re-insmod capability, do we want to revoke all
    > previous cap_* computations?
    
    This is a common issue with the opaque blobs as well.
    
    > It seems reasonable for it to "belong" to capability.c (and I've heard of
    > no one else wanting to use it).  I just don't think we've explicitly
    > declared this to be the case.
    
    Unfortunately, it's currently used by kernel proper.  So we need a
    generic solution.
    
    thanks,
    -chris
    -- 
    Linux Security Modules     http://lsm.immunix.org     http://lsm.bkbits.net
    



    This archive was generated by hypermail 2b30 : Mon Dec 08 2003 - 10:28:20 PST