Re: LSM root_plug module questions

From: David Härdeman (david@private)
Date: Wed Aug 31 2005 - 01:04:04 PDT


Chris Wright (chrisw@private) wrote:
> * David Härdeman (david@private) wrote:
> > I'm currently playing around with the security/root_plug.c LSM module
> you'll have better luck on the lsm list

Thanks for the pointer

> > 1) What's the recommended way of telling that someone is logging in to
> > the computer (via ssh, virtual console, serial console, X, whatever)
> > with LSM? Look for open() on /dev/pts?
>
> logging in...this is really a userspace notion, so via PAM.  creating a
> new process or changing credentials of a new process are the types of
> things that lsm watches (and of course, opening of files).

Yes, I realized that by reading the include/linux/security.h comments
describing the security hooks. The question is rather if there is something
which all the different methods of logging in have in common that can be
caught with an LSM hook?

> > 2) root_plug currently scans the usb device tree looking for the
> > appropriate device each time it's needed. In the interest of making the
> > result of the lookup cached, is it possible for a module to register so
> > that it is notified when a usb device is added/removed?
>
> I don't think that can be done in a race free manner.  Perhaps get the
> device and check its state, but you'd have to ask usb folks.  ATM, it's
> only checked during exec of root process.

The reason that I wanted to do caching is that I want to add more checks
to the root_plug module. For instance, to deny all socket accept() and
connect() calls when the USB module is missing (to not break already
established connections but not allow any new ones, e.g. to lock out any
new SSH sessions).

I'm assuming that this could introduce the need for some kind of caching
of the results of the USB-device-present check as the number of checks
increases.

Regards,
David
This archive was generated by hypermail 2.1.3 : Wed Aug 31 2005 - 09:21:35 PDT