G’day,

I am a PhD candidate. My research project will involve implementing an
experimental access control model as an LSM. I have some programming
background (I teach intro to C and Java); however, I am new to kernel
programming.

So I thought I would introduce myself. Is this mailing list an
appropriate place to ask a few questions (and later discuss the
resulting LSM)?

I have read two papers about LSM [1, 2] which give a good foundation of
LSM, and the Linux Journal root plug example article, and I have started
reading through some LSM sources. Are any of these sources outdated? Do
you recommend any other must-read sources?

With my [very] limited exposure to kernel-level code I am still not sure
how to go about writing information to disk. I know that generally it is
forbidden (and there is usually no need to) and there seem to be a
number of ways to communicate with user-land processes. But I basically
just want to log the arguments to an LSM hook call into a file (to poke
around and see exactly what is happening and what LSM operations
specific applications invoke). Is this possible or do I need a user-land
application to read/accept the data? For example, how does AppArmor (or
other LSMs with learning-modes) log application behaviour?

I want to recursively apply the same decision logic to enforce multiple
policies (concurrently on the same subjects). Would it be practical to
have a primary security module which loads and stacks copies of a
secondary module initialised using module parameters to enforce separate
policies?

Many thanks,
Z. Cliffe Schreuders

[1] C. Wright, C. Cowan, J. Morris, S. Smalley, and G. Kroah-Hartman,
"Linux Security Modules: General Security Support for the Linux Kernel,"
Foundations of Intrusion Tolerant Systems, pp. 213-226, 2003.
[2] C. Wright, C. Cowan, S. Smalley, J. Morris, and G. Kroah-Hartman,
"Linux Security Module Framework," in Ottawa Linux Symposium, 2002.