On Wed, 2005-02-02 at 08:50, Stephen Smalley wrote:
> Actually, on second thought, I wonder if selinux_netlink_recv should be
> calling avc_audit() upon a denial, as otherwise we will see no audit
> message for a denial even if it is caused by the SELinux computation in
> selinux_netlink_send. Similar issue for the audit subsystem's
> capability checks on the receiver side.

Hmmm...except that we won't have the sender's SID available to us in
selinux_netlink_recv(), so auditing would just occur in the receiver's
context, possibly incorrectly.

--
Stephen Smalley <sds@private>
National Security Agency