Re: Clarifications of LSM API

From: Tomas Olsson (tol@private)
Date: Tue Jun 29 2004 - 00:41:30 PDT


    James Morris wrote:
    > They are 'restrictive' in that they can only reduce access, not increase
    > it.
    >
    Is there any particular reason why LSM uses stacking?
    
    To me the possibility of having several, specialized modules called for
    access checks in the order they were loaded, seems very useful. If one
    denies, the operation is denied. That way, any LSMs could coexist without
    the need for stacking implementation in every one.
    
    With every LSM restricting access, security wouldn't be any lower (given
    that capable() is handled in a sensible way), right? Seems like a fairly
    clean patch.
    
    /Tomas (please keep Cc)
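
The dispatch scheme proposed in this message, modeled in userspace C as an added example (not code from the thread or from the kernel): hooks run in load order after the base decision, and the first denial wins, so a module can only veto. All names here (`register_module`, `check_permission`, the two sample modules) are hypothetical, and the capable() question raised in the message is not modeled.

```c
#include <errno.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical userspace model; none of these names are kernel API. */
#define MAX_MODULES 8
struct access_req { const char *path; int uid; int write; };
typedef int (*perm_hook)(const struct access_req *); /* 0 = no objection, <0 = -errno */

static perm_hook chain[MAX_MODULES];
static size_t nmodules;

int register_module(perm_hook h)
{
    if (h == NULL) return -EINVAL;
    if (nmodules == MAX_MODULES) return -ENOSPC;
    chain[nmodules++] = h;          /* load order is call order */
    return 0;
}

/* base_decision: result of the ordinary permission check (0 = allowed). */
int check_permission(int base_decision, const struct access_req *r)
{
    if (base_decision != 0)
        return base_decision;       /* modules never override a base denial */
    for (size_t i = 0; i < nmodules; i++) {
        int rc = chain[i](r);
        if (rc != 0)
            return rc;              /* first denial in load order wins */
    }
    return 0;                       /* nobody objected */
}

/* Constructed sample modules, each restricting one narrow thing. */
int readonly_etc(const struct access_req *r)
{
    return (r->write && strncmp(r->path, "/etc/", 5) == 0) ? -EACCES : 0;
}
int no_guest_write(const struct access_req *r)
{
    return (r->uid == 65534 && r->write) ? -EPERM : 0;
}

int main(void)
{
    struct access_req r = { "/etc/passwd", 65534, 1 };  /* both modules object */
    register_module(readonly_etc);
    register_module(no_guest_write);
    return check_permission(0, &r) == -EACCES ? 0 : 1;
}
```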
    


