uces. Much of the work was done
by employees of the NSA. They should be applauded for
the effort they put in just to be allowed to make this
available.
--
Casey Schaufler Manager, Trust Technology, SGI
[EMAIL PROTECTED] voice: 650.933.1634
[EMAIL
in the absence of a correct and
complete policy could be considered dangerous.
Casey Schaufler
[EMAIL PROTECTED]
-
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
--- Karl MacMillan [EMAIL PROTECTED] wrote:
On Tue, 2007-04-17 at 13:19 -0700, Casey Schaufler wrote:
--- Andi Kleen [EMAIL PROTECTED] wrote:
although this can often be done with PAM plugins, which is a standard
way
to do this kind of thing in modern Unix Linux OSs.
PAM
down results in an integrity model. Trusted
Irix uses (used?) both Biba and BLP.
(as well as MLS systems work in general that is).
Doh! He had to get the dig in.
Casey Schaufler
[EMAIL PROTECTED]
-
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message
-EPERM in the
access denial case. EACCES indicates that an access control decision
failed, while EPERM indicates that use of a privileged operation
was attempted while not possessing appropriate privilege.
Casey Schaufler
[EMAIL PROTECTED]
-
To unsubscribe from this list: send the line unsubscribe
than sockets is a novel
approach. It is a lot simpler underneath and more consistant with
the way other object name spaces are treated.
Casey Schaufler
[EMAIL PROTECTED]
-
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More
missing.
Casey Schaufler
[EMAIL PROTECTED]
-
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
of SELinux.
Casey Schaufler
[EMAIL PROTECTED]
-
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
a (newobject) secid that an object gets on creation.
And you want them all to be distinct and settable.
Did I get that right?
Thank you.
Casey Schaufler
[EMAIL PROTECTED]
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More
?
Casey Schaufler
[EMAIL PROTECTED]
-
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
. action_sid is
used
to govern actions made by the task.
So put all these fields into one blob and attach them to the cred.
Actually, if you put all these fields in the task blob maybe you
don't need to do your COW thing at all.
Casey Schaufler
[EMAIL PROTECTED]
-
To unsubscribe from this list
--- David Howells [EMAIL PROTECTED] wrote:
Casey Schaufler [EMAIL PROTECTED] wrote:
Move into the cred struct the part of the task security data that defines
how a task acts upon an object. The part that defines how something acts
upon a task remains attached to the task
From: Paul Moore [EMAIL PROTECTED]
Add a new set of configuration functions to the NetLabel/LSM API so that
LSMs can perform their own configuration of the NetLabel subsystem without
relying on assistance from userspace.
Signed-off-by: Paul Moore [EMAIL PROTECTED]
Signed-off-by: Casey Schaufler
a mandatory access control scheme that some people would like to be able
to use as a discretionary access control scheme. This is creepy after
seeing the MCS implementation in SELinux, which is also a DAC scheme
wacked out of a MAC scheme. Very interesting indeed.
Casey Schaufler
[EMAIL PROTECTED
so far
and see how best to make use of it, because my current plan is nowhere
near as good as yours.
Casey Schaufler
[EMAIL PROTECTED]
-
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http
--- Joshua Brindle [EMAIL PROTECTED] wrote:
Casey Schaufler wrote:
--- Crispin Cowan [EMAIL PROTECTED] wrote:
Dr. David Alan Gilbert wrote:
...
Can you explain why you want a non-privileged user to be able to edit
policy? I would like to better understand the problem here
From: Casey Schaufler [EMAIL PROTECTED]
This represents the rework required for changes to inode_getsecurity.
It is relative to smack24rc2v11, which is the version added to -mm,
but subsequently removed because of the change to inode_getsecurity
Signed-off-by: Casey Schaufler [EMAIL PROTECTED
is to my advantage. I am perfectly willing
to consider alternatives, but I confess that my natural reaction to
confrontation is to fight back.
Casey Schaufler
[EMAIL PROTECTED]
-
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More
/minor
is 1,27 rather than 1,3?
Isn't this the kind of thing that Bastille is good for?
Casey Schaufler
[EMAIL PROTECTED]
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo
;
return 0;
}
Casey Schaufler
[EMAIL PROTECTED]
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
. This was
in a real appliance, where faster CPUs were not an option. In fact,
not hardware changes were possible due to the issues with squeezing
in the 10GBe nics. This project would have been impossible without
the speed and deterministic behavior of th ekernel C environment.
Casey Schaufler
[EMAIL
From: Casey Schaufler [EMAIL PROTECTED]
Clean out unnecessary mutex initializations for Smack list locks.
Once this is done, there is no need for them to be shared among
multiple files, so pull them out of the header file and put them
in the files where they belong.
Pull unnecessary locking from
--- Jiri Slaby [EMAIL PROTECTED] wrote:
On 12/03/2007 07:39 PM, Casey Schaufler wrote:
From: Casey Schaufler [EMAIL PROTECTED]
Clean out unnecessary mutex initializations for Smack list locks.
Once this is done, there is no need for them to be shared among
multiple files, so pull
From: Casey Schaufler [EMAIL PROTECTED]
Addresses comments from akpm.
Clean out unnecessary mutex initializations for Smack list locks.
Once this is done, there is no need for them to be shared among
multiple files, so pull them out of the header file and put them
in the files where they belong
= selinux_key_getsecurity,
#endif
};
Casey Schaufler
[EMAIL PROTECTED]
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org
or
secid_to_secctx to secid_to_security. Not the problem of the day.
Casey Schaufler
[EMAIL PROTECTED]
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read
--- Casey Schaufler [EMAIL PROTECTED] wrote:
From: Casey Schaufler [EMAIL PROTECTED]
...
I have verified this version against broken-out-2007-11-20-01-45
as well. Compiles, boots, and passes tests.
Thank you.
Casey Schaufler
[EMAIL PROTECTED]
-
To unsubscribe from this list: send
--- Andrew Morton [EMAIL PROTECTED] wrote:
On Tue, 20 Nov 2007 11:04:32 -0800 (PST)
Casey Schaufler [EMAIL PROTECTED] wrote:
--- Casey Schaufler [EMAIL PROTECTED] wrote:
From: Casey Schaufler [EMAIL PROTECTED]
...
I have verified this version against broken-out-2007-11
allowed a privileged process to write lower labeled files,
but not read higher labeled files. That way any files that got
created by accident were assured to be labeled at least as high
as the data they contained.
Casey Schaufler
[EMAIL PROTECTED]
-
To unsubscribe from this list: send
--- Stephen Smalley [EMAIL PROTECTED] wrote:
On Wed, 2007-11-21 at 09:21 -0800, Casey Schaufler wrote:
--- Stephen Smalley [EMAIL PROTECTED] wrote:
On Wed, 2007-11-21 at 09:48 -0600, Serge E. Hallyn wrote:
Quoting [EMAIL PROTECTED] ([EMAIL PROTECTED
--- Andrew Morgan [EMAIL PROTECTED] wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Casey Schaufler wrote:
In the end we can call it CAP_LATE_FOR_DINNER if that's the only way
I can move forward. CAP_MAC_OVERRIDE is the obvious partner to
CAP_DAC_OVERRIDE, so that's still my
proposed
before the virus in my sinuses knocks me out completely.
Thank you.
* DG/UX supported over 330 capabilities and is my personal
poster child for excesses of granularity with regard to
capabilities. I don't really expect to see a Linux port.
Casey Schaufler
[EMAIL PROTECTED
From: Casey Schaufler [EMAIL PROTECTED]
This patch takes advantage of the increase in capability bits
to allocate capabilities for Mandatory Access Control. Whereas
Smack was overloading a previously allocated capability it is
now using a pair, one for overriding access control checks
--- Andrew Morgan [EMAIL PROTECTED] wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Casey Schaufler wrote:
diff -uprN -X linux-2.6.24-rc3-mm1-base/Documentation/dontdiff
linux-2.6.24-rc3-mm1-base/include/linux/capability.h
linux-2.6.24-rc3-mm1-smack/include/linux/capability.h
From: Casey Schaufler [EMAIL PROTECTED]
This patch takes advantage of the increase in capability bits
to allocate capabilities for Mandatory Access Control. Whereas
Smack was overloading a previously allocated capability it is
now using a pair, one for overriding access control checks
--- Andrew Morton [EMAIL PROTECTED] wrote:
+ !__capable(current, CAP_MAC_ADMIN))
+ !__capable(current, CAP_MAC_ADMIN))
Is there any reason for not using plain old capable() here?
Nope. I'll clean that up.
Thank you.
Casey Schaufler
[EMAIL PROTECTED
at http://sourceforge.net/projects/talpa/ to host it.
Thanks for showing a wonderful source code example of why lsm shouldn't
be exported :)
Would you like to expound on that, or do you feel your claws
are sharp enough already?
Casey Schaufler
[EMAIL PROTECTED]
-
To unsubscribe from this list: send
if that is the
only problem. I should have a patch (unless someone beats me to it)
later today.
Casey Schaufler
[EMAIL PROTECTED]
-
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo
From: Casey Schaufler [EMAIL PROTECTED]
Bump the value of CAP_LAST_CAP to reflect the current last cap value.
It appears that the patch that introduced CAP_LAST_CAP and the patch
that introduced CAP_MAC_ADMIN came in more or less at the same time.
Signed-off-by: Casey Schaufler [EMAIL PROTECTED
have a use case that isn't going to require the presence of
another LSM. You may have other issues, but at this point I say
throw caution to the wind, clean it up based on the suggestions
you've seen here, and put the patch up as an RFC on the LSM list.
What's the worst that could happen?
Casey
From: Casey Schaufler [EMAIL PROTECTED]
Collect the Smack label of the other end on connection so that
getsockopt(..., SO_PEERSEC, ...) can report it. This is done
in smack_inet_conn_request(). Report the correct value in
smack_socket_getpeersec_stream(). Initialize the smk_packet
field
deal with Smack, or any LSM other than SELinux.
Just as Stephen mentions, I also don't see the generality that a change
of this magnitude really ought to provide.
Casey Schaufler
[EMAIL PROTECTED]
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message
with the (perhaps archaic now) behavior
of nfsd on Unix, which did nothing but lend it's credential to the
underlying kernel code. I think it's a rational approach, although I
expect that in may have troubles under SELinux.
Casey Schaufler
[EMAIL PROTECTED]
--
To unsubscribe from this list: send the line
--- David Howells [EMAIL PROTECTED] wrote:
Casey Schaufler [EMAIL PROTECTED] wrote:
That happens to me when interfaces are described in SELinux terms. I
still don't care much for multiple contexts, and I don't have a good
grasp of how you'll deal with Smack, or any LSM other than
--- Stephen Smalley [EMAIL PROTECTED] wrote:
On Mon, 2007-12-10 at 14:26 -0800, Casey Schaufler wrote:
--- Stephen Smalley [EMAIL PROTECTED] wrote:
On Mon, 2007-12-10 at 21:08 +, David Howells wrote:
Stephen Smalley [EMAIL PROTECTED] wrote:
Otherwise, only other issue
it, if that's what he
really wants to do.
Casey Schaufler
[EMAIL PROTECTED]
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http
, given the daemon's own security context? That seems entirely
reasonable to me.
Works for Smack. I can't say definitively, but I think it will
work for SELinux. Beyond that and we're into the fuzzy bit of the
LSM.
Casey Schaufler
[EMAIL PROTECTED]
--
To unsubscribe from this list: send the line
to do networking or audit will have to deal with
secid's and secctx's the method outlined above ought to fit the
bill.
Casey Schaufler
[EMAIL PROTECTED]
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info
--- Stephen Smalley [EMAIL PROTECTED] wrote:
On Tue, 2007-12-11 at 15:04 -0800, Casey Schaufler wrote:
--- David Howells [EMAIL PROTECTED] wrote:
Stephen Smalley [EMAIL PROTECTED] wrote:
All your code has to do is invoke a function provided by libselinux.
Calling
--- David Howells [EMAIL PROTECTED] wrote:
Casey Schaufler [EMAIL PROTECTED] wrote:
You may need to have an application, say cachefileselinuxcontext, that will
read the current policy and spit out an appropriate value of whatever,
but that can be separate and LSM specific without
--- David Howells [EMAIL PROTECTED] wrote:
Casey Schaufler [EMAIL PROTECTED] wrote:
What sort of authorization are you thinking of? I would expect
that to have been done by cachefileselinuxcontext (or
cachefilesspiffylsmcontext) up in userspace. If you're going to
rely on userspace
--- Stephen Smalley [EMAIL PROTECTED] wrote:
On Wed, 2007-12-12 at 11:44 -0800, Casey Schaufler wrote:
--- David Howells [EMAIL PROTECTED] wrote:
Casey Schaufler [EMAIL PROTECTED] wrote:
What sort of authorization are you thinking of? I would expect
that to have been done
) while a DAC LSM may require CAP_DAC_OVERRIDE. SELinux
is likely to be the odd duck in this pond in that it does not use the
capability mechanism in the way Nature intends it to be, opting to
treat privilege with a completely different model.
Casey Schaufler
[EMAIL PROTECTED]
--
To unsubscribe from
]
Cc: Chris Wright [EMAIL PROTECTED]
Signed-off-by: H. Peter Anvin [EMAIL PROTECTED]
It is also the case that Smack does not use this hook.
It can be removed as far as I'm concerned.
Casey Schaufler
[EMAIL PROTECTED]
--
To unsubscribe from this list: send the line unsubscribe linux-kernel
in the minority on this
one. Oh well.
Casey Schaufler
[EMAIL PROTECTED]
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org
/
Casey Schaufler
[EMAIL PROTECTED]
-
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
--- Chris Wright [EMAIL PROTECTED] wrote:
* Casey Schaufler ([EMAIL PROTECTED]) wrote:
And don't give me the old LKML is a tough crowd feldercarb.
Security modules have been much worse. Innovation, even in
security, is a good thing and treating people harshly, even
for their own good
The Smack patch and Paul Moore's netlabel API patch,
together for 2.6.24-rc1. Paul's changes are identical
to the previous posting, but it's been a while so they're
here again.
The sole intent of change has been to address locking
and/or list processing issues. Please don't hesitate to
point out
From: Paul Moore [EMAIL PROTECTED]
Add a new set of configuration functions to the NetLabel/LSM API so that
LSMs can perform their own configuration of the NetLabel subsystem without
relying on assistance from userspace.
Signed-off-by: Paul Moore [EMAIL PROTECTED]
---
include/net/netlabel.h
--- Stephen Smalley [EMAIL PROTECTED] wrote:
On Wed, 2007-10-24 at 20:46 -0700, Casey Schaufler wrote:
...
+Smack does not implement Domain Type Enforcement (DTE). If
+you want DTE Linux has an implementation called SELinux.
+Those who really want DTE are encouraged to use SELinux
--- Joshua Brindle [EMAIL PROTECTED] wrote:
Casey Schaufler wrote:
The Smack patch and Paul Moore's netlabel API patch,
together for 2.6.24-rc1. Paul's changes are identical
to the previous posting, but it's been a while so they're
here again.
The sole intent of change has been
presently. If not it
may take a day or two longer. You have not been forgotten.
Thank you for your contribution.
Casey Schaufler
[EMAIL PROTECTED]
-
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http
,
and now have a (long) list of improvements and fixes.
No rest for the wicked.
Casey Schaufler
[EMAIL PROTECTED]
-
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
it was me, of
course. Linus is right, you know.
Casey Schaufler
[EMAIL PROTECTED]
-
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http
squeeze some legless
reptiles now.
Casey Schaufler
[EMAIL PROTECTED]
-
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org
.
Sincerely,
OMO
Most excellent. Thank you.
Casey Schaufler
[EMAIL PROTECTED]
-
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http
,
even if they were somehow stacked. Multiple LSMs has issues,
like what should security_secid_to_secctx() return to the audit
system, but privilege model shouldn't be one of them.
Casey Schaufler
[EMAIL PROTECTED]
-
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body
that virtually no one wants into any system is a bad idea. If
you haven't read Man of LaMancha I strongly suggest you do so.
Or at least see the play, it's got some catchy songs.
-
* If you don't know what MULTICS was you can buy me a beer and
I'll tell you the whole story
Casey Schaufler
[EMAIL
. SELinux is not interested in
Posix capabilities.
But no IBM had to do it.
Err, no. It was done by Andrew Morgan back in the dark ages.
Why on earth do you think IBM did it?
...
OK, you have all the answers. Show us some code or STFU.
Casey Schaufler
[EMAIL PROTECTED]
-
To unsubscribe from
is independent of LSM.
Casey Schaufler
[EMAIL PROTECTED]
-
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
that capget64() and capget64() are the way to go. Any objections?
Not from me. Thank you.
Casey Schaufler
[EMAIL PROTECTED]
-
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo
--- Al Viro [EMAIL PROTECTED] wrote:
On Tue, Oct 16, 2007 at 09:17:40PM -0700, Casey Schaufler wrote:
At random:
+static int smack_netlabel(struct sock *sk)
+{
+ static int initialized;
+ struct socket_smack *ssp = sk-sk_security;
+ struct netlbl_lsm_secattr secattr
had to
include all aspects of control, but today I see the value provided
by independent mechanisms such as IPtables.
Casey Schaufler
[EMAIL PROTECTED]
-
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http
that does not
interfere with the operation of normal administration. How close
you can come to that in independent of wether your kernel is
an integrated security solution or a collection of composed
modules.
This discussion is amazingly disconnected from the issues of LSM.
Casey Schaufler
[EMAIL
to innovation.
Casey Schaufler
[EMAIL PROTECTED]
-
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
for the trace, I hope to have the fix in short order.
Casey Schaufler
[EMAIL PROTECTED]
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http
|| sock-sk == NULL)
return 0;
/*
* Set the outbound netlbl.
Casey Schaufler
[EMAIL PROTECTED]
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org
From: Casey Schaufler [EMAIL PROTECTED]
Smack uses CIPSO labeling, but allows for unlabeled packets
by specifying an ambient label that is applied to incoming
unlabeled packets. Because the other end of the connection
may dislike IP options, and ssh is one know application that
behaves thus
it should fix your problem.
I've also added similar checks in inode_{get/set}security(). Cheating
from SELinux post_create_socket(), it does the same. Casey, Thoughts ?
Signed-off-by: Ahmed S. Darwish [EMAIL PROTECTED]
Acked-by: Casey Schaufler [EMAIL PROTECTED]
This looks like the right sort
]
Acked-by: Casey Schaufler [EMAIL PROTECTED]
Acked-by: Casey Schaufler [EMAIL PROTECTED]
Correct the dislexio in the ack.
Signed-off-by: Andrew Morton [EMAIL PROTECTED]
---
security/smack/smack_lsm.c | 10 ++
1 file changed, 6 insertions(+), 4 deletions(-)
diff -puN
security
://www.tux.org/lkml/
Casey Schaufler
[EMAIL PROTECTED]
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
+SMACK (Simplified Mandatory Access Control Kernel)
+P: Casey Schaufler
+M: [EMAIL PROTECTED]
+L: linux-kernel@vger.kernel.org
+W: http://schaufler-ca.com/
+S: Maintained
+
SN-IA64 (Itanium) SUB-PLATFORM
P: Jes Sorensen
M: [EMAIL PROTECTED]
--
To unsubscribe from this list
On 11/6/2012 12:17 AM, Jarkko Sakkinen wrote:
SMACK_MAGIC moved to a proper place for easy user space access
(i.e. libsmack).
Signed-off-by: Jarkko Sakkinen jarkko.sakki...@iki.fi
---
include/uapi/linux/magic.h |1 +
security/smack/smack.h |5 -
2 files changed, 1
, Jarkko Sakkinen jarkko.sakki...@iki.fi
wrote:
On Tue, Nov 6, 2012 at 11:59 PM, Casey Schaufler ca...@schaufler-ca.com
wrote:
On 11/6/2012 12:17 AM, Jarkko Sakkinen wrote:
SMACK_MAGIC moved to a proper place for easy user space access
(i.e. libsmack).
Signed-off-by: Jarkko Sakkinen
On 11/8/2012 10:08 AM, Jarkko Sakkinen wrote:
SMACK_MAGIC moved to a proper place for easy user space access
(i.e. libsmack).
Signed-off-by: Jarkko Sakkinen jarkko.sakki...@iki.fi
I will apply once James updates the next branch of his security tree.
---
include/uapi/linux/magic.h |1 +
pointer and an effective cred pointer, with the contents
of
/proc coming from the real, but the effective governing what actually goes
on.
I think you want the effective values to show up in /proc.
Casey Schaufler
[EMAIL PROTECTED]
-
To unsubscribe from this list: send the line unsubscribe
--- David Howells [EMAIL PROTECTED] wrote:
Casey Schaufler [EMAIL PROTECTED] wrote:
One thing I'm not certain about is how this should interact with /proc,
which can display some of the stuff in the cred struct. I think it may
be
necessary to have a real cred pointer
you will need to have the ability
to filter on either. It's no different from the euid/ruid split.
Casey Schaufler
[EMAIL PROTECTED]
-
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org
--- Andrew Morton [EMAIL PROTECTED] wrote:
On Sat, 29 Sep 2007 17:20:36 -0700 Casey Schaufler [EMAIL PROTECTED]
wrote:
Smack is the Simplified Mandatory Access Control Kernel.
I don't know enough about security even to be dangerous. I went back and
reviewed the August thread from
questionable network support.
That would break sockets. I really doubt that you're suggesting that
cryptographic authentication is required on the loopback interface.
Casey Schaufler
[EMAIL PROTECTED]
-
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message
initializations for the spinlocks and mutex currently initializes in
smack_init. Also the -Inet/netlabel looks rather odd, please work with
the netlabel maintainer to move the required files to the include/
hierachy.
Paul and I discussed this earlier, and will again.
Thank you.
Casey Schaufler
[EMAIL
CAP_LINUX_IMMUTABLE?
I would be delighted to have a bit of my very own. The granularity
advocates might suggest I use more than one.
Thank you for the comments.
Casey Schaufler
[EMAIL PROTECTED]
-
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL
on everyone's
machine.
Casey Schaufler
[EMAIL PROTECTED]
-
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
is not for everyone.
Smack has a different focus than SELinux. I see no need for hostility.
If SELinux wants to incorporate Smack features, that's OK with me,
but it won't make SELinux simpler. Heaven knows I have leaned heavily
on the implementation example of SELinux.
Casey Schaufler
[EMAIL
there are undoubtedly systems that don't
care about permission checking[1])
-Andi
[1] I bet I gave the linux-tiny crowd an idea now ;-)
You would need authoritative LSM hooks for this. The current LSM
additional restrictions model does not provide for this.
Casey Schaufler
[EMAIL PROTECTED
--- Al Viro [EMAIL PROTECTED] wrote:
On Tue, Oct 02, 2007 at 09:45:42PM -0700, Casey Schaufler wrote:
From: Casey Schaufler [EMAIL PROTECTED]
Smack is the Simplified Mandatory Access Control Kernel.
Smack implements mandatory access control (MAC) using labels
attached to tasks
--- Al Viro [EMAIL PROTECTED] wrote:
On Wed, Oct 03, 2007 at 10:21:08AM -0700, Casey Schaufler wrote:
what
happens if we want it in two chroot jails with different layouts?
As you can only have /smack mounted once, this isn't an issue,
but it does present an interesting use case
but that does
have applications that require separation, perhaps a moble communication
device with application download capability, is just one example
where the smack symlink implementation provides the required
function without requiring application support.
Casey Schaufler
[EMAIL PROTECTED
arbitarily to meet interesting or bizarre real world
cases.
I admit to being impressed by the wide variety of mount options
currently available. In many cases this will be the best approach.
/tmp is a typical use for a smack symlink, but not the only one.
Casey Schaufler
[EMAIL PROTECTED
--- Al Viro [EMAIL PROTECTED] wrote:
On Wed, Oct 03, 2007 at 12:51:08PM -0700, Casey Schaufler wrote:
Because you throw simple out the window when you require userland
assistance to perform this function.
Any more than having /tmp replaced with a symlink?
Yes. By the way
1 - 100 of 2105 matches
Mail list logo