Hi, Hao, > Thank you for your information! The mappings are very useful! > I'm sure that your mapping sheets are very good reference materials > for people who are doing linux kernel security enhancements, thanks again! >
I'm very glad if those materials are useful for people's work :-) > How did you make these mappings? By hand or automatically? If by hand, > it must have taken you a lot of time. I think if would be great if we could > have a script to generate these mapping automatically, thus we'll have a > great tool for analysing the coverage in the kernel of the security > functions. > I made these mapping by hands, so it took almost 1 month:-( The reason why I made it by hand is just for understanding LSM framework. But I guess it's not difficult to make a script for generating mapping automatically. I will try it in next version. Thanks. OMO Hao Xu wrote: (2007年04/09 10:50): > Kazuki Omo(Company) Wrote: >> I'm not sure this information is useful or not, but I just made >> Sysmtecalls <-> security functions/capabilities mapping >> sheets for understanding LSM's framework(and enhancement LIDS:-) ). >> >> You can download some Excel sheets from; >> http://www.selinux.gr.jp/LIDS-JP/systemcalls.html >> (These Excel sheets are made by OpenOffice, so it might have >> some font problem.) >> >> I checked 2.6.20-kernel source code by using lxr and grep, >> so I guess I have some mistakes in these files. >> But I believe this sheet is helpful for checking current >> LSM framework are "sufficient" or "insufficient". >> > > Hi Kazuki! > > Thank you for your information! The mappings are very useful! > I'm sure that your mapping sheets are very good reference materials > for people who are doing linux kernel security enhancements, thanks again! > > How did you make these mappings? By hand or automatically? If by hand, > it must have taken you a lot of time. I think if would be great if we could > have a script to generate these mapping automatically, thus we'll have a > great tool for analysing the coverage in the kernel of the security > functions. > > > Best regards, > > hao > -- Kazuki Omo: [EMAIL PROTECTED] Group Manager, OSS Solution Center Diary: http://omok.livejournal.com - To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
