hand, if you actually want
to protect the _data_, then tagging the _name_ is flawed; tag the
*DATA* instead.
Cheers,
Kyle Moffett
-
To unsubscribe from this list: send the line unsubscribe
linux-security-module in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http
would either have to completely turn
off that security feature and lose most of the functionality of
TOMOYO Linux, or hard-code the list of realms into the policy file
and have to completely reload policy every time I need to add/remove
realms (big gaping security hole).
Cheers,
Kyle Moffett
On May 26, 2007, at 19:08:56, Toshiharu Harada wrote:
2007/5/27, James Morris [EMAIL PROTECTED]:
On Sat, 26 May 2007, Kyle Moffett wrote:
AppArmor). On the other hand, if you actually want to protect
the _data_, then tagging the _name_ is flawed; tag the *DATA*
instead.
Bingo
On May 26, 2007, at 22:37:02, [EMAIL PROTECTED] wrote:
On Sat, 26 May 2007 22:10:34 EDT, Kyle Moffett said:
On May 26, 2007, at 19:08:56, Toshiharu Harada wrote:
(1) Object labeling has an assumption that labels are always
properly defined and maintained. This can not be easily achieved
privileges based on boolean variables, something
that cannot be done if the privileges themselves are stored in the
filesystem. Finally, such an approach does not allow you to
differentiate between programs.
Cheers,
Kyle Moffett
On May 27, 2007, at 03:25:27, Toshiharu Harada wrote:
2007/5/27, Kyle Moffett [EMAIL PROTECTED]:
On May 26, 2007, at 19:08:56, Toshiharu Harada wrote:
2007/5/27, James Morris [EMAIL PROTECTED]:
On Sat, 26 May 2007, Kyle Moffett wrote:
AppArmor). On the other hand, if you actually want
On May 28, 2007, at 16:38:38, Pavel Machek wrote:
Kyle Moffett wrote:
I am of the opinion that adding a name parameter to the file/
directory create actions would be useful. For example, with such
support you could actually specify a type-transition rule
conditional on a specific name
to *work* with any
default-deny policy then you have to describe EVERYTHING anyways.
How exactly do you expect AppArmor to work if you don't allow users
to run /bin/passwd, for example.
Cheers,
Kyle Moffett
On Jun 09, 2007, at 12:46:40, [EMAIL PROTECTED] wrote:
On Sat, 9 Jun 2007, Kyle Moffett wrote:
Typical targeted policies leave all user logins as
unrestricted, adding security for daemons but not getting in the
way of users who would otherwise turn SELinux off. On the other
hand
(TM)) by a percent or two.
Cheers,
Kyle Moffett
On Jun 26, 2007, at 09:47:12, Serge E. Hallyn wrote:
Quoting Kyle Moffett ([EMAIL PROTECTED]):
On Jun 25, 2007, at 16:37:58, Andreas Gruenbacher wrote:
It's useful for some LSMs to be modular, and LSMs which are y/n
options won't have any security architecture issues with
unloading at all
On Jun 26, 2007, at 20:57:53, Crispin Cowan wrote:
Kyle Moffett wrote:
Let's go over the differences between my fs and my LSM, and
the similarities between my VM and my LSM: Filesystems don't
get hooked from virtually every userspace-initiated operation,
whereas both VMs and LSMs do. VMs
(aside from binding to ports 1024)
to run under SELinux with strict MLS. Under Trusted Solaris and such
we needed all sorts of dirty privilege hacks to relabel the files
consistently, but under SELinux the policy does all the relabeling
for us, we don't need to do a thing.
Cheers,
Kyle
directory, it
is automatically labeled etc_passwd_t) From what I understand
Stephen Smalley and others are thinking that over even now. I'll do
it myself as soon as I get time at work beyond prepping systems for
shipping to clients if they haven't finished it by then.
Cheers,
Kyle Moffett
On Aug 12, 2007, at 22:36:15, Joshua Brindle wrote:
Kyle Moffett wrote:
On Aug 12, 2007, at 15:41:46, Casey Schaufler wrote:
Your boolean solution requires more forethought than the Smack
rule solution, but I'll give it to you once you've fleshed out
your ## lines.
How does it require more
lines of code
along with the other 50 million lines of code found in various pieces
of software on my Debian box then I'll go put on my dunce hat and sit
in the corner.
Cheers,
Kyle Moffett
into
and so such support was dropped by the netfilter folks. I suspect if
you CC'ed [EMAIL PROTECTED] you would get some very precise
reasons why such filtering doesn't work.
Cheers,
Kyle Moffett
On Sep 19, 2007, at 08:15:53, Tetsuo Handa wrote:
Kyle Moffett wrote:
Look at it this way: What format do you use for your in-memory
datastructures? If that format is not extremely close to the
policy file format (with pointers replaced by 8-byte offsets),
then you are using the wrong
On Oct 05, 2007, at 00:45:17, Eric W. Biederman wrote:
Kyle Moffett [EMAIL PROTECTED] writes:
On Oct 04, 2007, at 21:44:02, Eric W. Biederman wrote:
SELinux is not all encompassing or it is generally
incomprehensible I don't know which. Or someone long ago would
have said a better way
to address the concerns.
Cheers,
Kyle Moffett
not
properly check the result of setuid() and just assumed it had
succeeded. So instead of running as smtpd it was running as
root. Not a happy memory.
Cheers,
Kyle Moffett
UTF-8. (It doesn't work on special UTF-8 space
characters like nonbreaking space and similar, but handling those is
significantly more complicated).
Cheers,
Kyle Moffett
of the kernel is
UTF-8 as that encoding can represent any character in any other
encoding and it is backwards-compatible with traditional ASCII.
Cheers,
Kyle Moffett
-ASCII, change ctype.c to ignore such characters
completely (the way they were before). Linus seems to think this is
a good thing, and he's the one that wrote the code in the first place.
Signed-off-by: Kyle Moffett [EMAIL PROTECTED]
---
On Nov 06, 2007, at 10:53:08, Linus Torvalds wrote
with documentation patches).
Cheers,
Kyle Moffett