Re: [RFC] [Stacking v4 2/3] New version of SELinux patch to support stacking

From: Stephen Smalley (sds@private)
Date: Tue Dec 07 2004 - 10:41:18 PST


On Tue, 2004-12-07 at 14:17, Serge Hallyn wrote:
> Does SELinux expect any other LSM to be loaded as secondary than
> capability?  Could the secondary_ops stuff be replaced by capability-
> specific code?

For our purposes, yes; we could just as easily call the cap_* functions
directly from the SELinux hook functions.  Some people (Valdis, Joshua)
have experimented with using the secondary_ops for other security
modules (openwall-like restrictions, digsig) that do not need to use the
security fields, and we did add some additional secondary_ops calls for
that purpose a while back, but they likely could just use the stacker
module instead.

We could also change calls to capable() from SELinux hook functions to
instead call selinux_capable(), as that would still ensure that both
capability and SELinux checking was applied and avoid the nested stacker
calls in those cases.  However, we'd still have nested stacker calls
when the cap_* functions call capable() internally.  But in those cases,
that might be desired anyway by other modules.

-- 
Stephen Smalley <sds@private>
National Security Agency



This archive was generated by hypermail 2.1.3 : Tue Dec 07 2004 - 10:46:43 PST