Hi
I have a few questions regarding LSM implementation.
I hope i dont drive the mailing list crazy with my ignorance , but i
have given it my best shot reading it already .
Issue 1
-----------
Have been trying to understand the need for LSM from the security perspective .
As per my understanding the patch employes LSM framework
by adding a hook to the source just before a system resources is
accessed .The hook inturns calls the policy engine (ideally the hook
is a call to a function ) .
1] Does the patch include the source for policy engine?
If yes how do i set rules to access a file ?
If no do i have to implement the policy engine ?
For instance open() system call without the LSM patch checks for file
attributes for read write permissions from the user .
What does this "security_ops->file_permission (file, MAY_WRITE); "
do additionally?
In short do i need to write "C code" to implement the security
solution like checking if a file has symbolic link before opening to
avoid race condition ?
Issue 2
-----------
Apart from modular implementation the reason i moved from LIDS patch
without LSM --> LSM with OPENWALL/LIDS/SELINUX was because
LIDS provides administrative control over files and process and not
kernel level security . LIDS doesnt guarantee bufferover flow
solution. Openwall/LSM does
2] Does LSM with all its security modules(Open wall , LIDS, SELINUX
)co-exist and IMPLEMENT a solution to buffer overflow , format
strings and race conditions ?
What are the vulnerabilities that would remain if I dont use LIDS?
Thanks
Syed Ahemed
This archive was generated by hypermail 2.1.3 : Mon Jan 17 2005 - 10:16:32 PST