and that inode_security_revalidate can be
removed entirely, which brings us back to roughly the original
performance.
Signed-off-by: Andreas Gruenbacher <agrue...@redhat.com>
Acked-by: Stephen Smalley <s...@tycho.nsa.gov>
---
security/selinux/hooks.c | 10 ++
1 file changed, 2 insertions(+), 8 deleti
On 12/15/2015 11:06 AM, Casey Schaufler wrote:
On 12/15/2015 7:00 AM, Stephen Smalley wrote:
On 12/14/2015 05:57 PM, Roberts, William C wrote:
If I understand correctly, the goal here is to avoid the lookup from
pid to context. If we somehow had the context or a token to a context
during
On 12/15/2015 12:19 PM, Joe Nall wrote:
On Dec 15, 2015, at 10:06 AM, Casey Schaufler wrote:
...
I have long wondered why SELinux generates the context string
of the secid more than once. Audit performance alone would
justify keeping it around. The variable length
On 12/14/2015 05:57 PM, Roberts, William C wrote:
If I understand correctly, the goal here is to avoid the lookup from
pid to context. If we somehow had the context or a token to a context
during the ipc transaction to userspace, we could just use that in
computing the access decision. If
On 12/14/2015 12:03 PM, Mike Palmiotto wrote:
On Sun, Dec 13, 2015 at 5:06 PM, Paul Moore <p...@paul-moore.com> wrote:
On Friday, December 11, 2015 05:14:38 PM Stephen Smalley wrote:
Perhaps we could provide a new fixed-size tokenized version of the
security context string for
On 12/11/2015 02:55 PM, Paul Moore wrote:
On Fri, Dec 11, 2015 at 1:37 PM, Daniel Cashman wrote:
Hello,
I would like to write a patch that would expose, via selinuxfs, the
mapping between secids in the kernel and security contexts to
user-space, but before doing so
, or when we can't find a dentry for
the inode. (Reloading happens via iop->getxattr which takes a dentry
parameter.) When reloading fails, continue using the old, invalid
label.
Signed-off-by: Andreas Gruenbacher <agrue...@redhat.com>
Acked-by: Stephen Smalley <s...@tycho.nsa.gov>
Ge
On 10/28/2015 08:47 PM, Andreas Gruenbacher wrote:
Make the inode argument of the inode_getsecid hook non-const so that we
can use it to revalidate invalid security labels.
Signed-off-by: Andreas Gruenbacher <agrue...@redhat.com>
Acked-by: Stephen Smalley <s...@tycho.nsa.gov>
-
<agrue...@redhat.com>
Acked-by: Stephen Smalley <s...@tycho.nsa.gov>
---
security/selinux/hooks.c | 97
1 file changed, 56 insertions(+), 41 deletions(-)
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index a8f09af.
happens via iop->getxattr which takes a dentry
parameter.) When reloading fails, continue using the old, invalid
label.
Signed-off-by: Andreas Gruenbacher <agrue...@redhat.com>
Could probably use inode_security_novalidate() for all of the
SOCK_INODE() cases, right? Otherwise,
Acked-by
viewed-by: James Morris <james.l.mor...@oracle.com>
Acked-by: Stephen Smalley <s...@tycho.nsa.gov>
---
include/linux/lsm_hooks.h | 6 ++
include/linux/security.h | 5 +
security/security.c | 8
security/selinux/hoo
On 10/28/2015 07:48 AM, Andreas Gruenbacher wrote:
> On Tue, Oct 27, 2015 at 5:40 PM, Stephen Smalley <s...@tycho.nsa.gov> wrote:
>> On 10/26/2015 05:15 PM, Andreas Gruenbacher wrote:
>>>
>>> Use path_has_perm directly instead.
>
On 10/28/2015 01:31 PM, Stephen Smalley wrote:
On 10/28/2015 07:48 AM, Andreas Gruenbacher wrote:
On Tue, Oct 27, 2015 at 5:40 PM, Stephen Smalley <s...@tycho.nsa.gov> wrote:
On 10/26/2015 05:15 PM, Andreas Gruenbacher wrote:
Use path_has_perm directly instead.
This reverts:
On 10/27/2015 04:48 PM, Andrew Perepechko wrote:
Make validatetrans decisions available through selinuxfs.
"/validatetrans" is added to selinuxfs for this purpose.
This functionality is needed by file system servers
implemented in userspace or kernelspace without the VFS
layer.
Writing
On 10/26/2015 05:15 PM, Andreas Gruenbacher wrote:
Here is another version of the patch queue to make gfs2 and similar file
systems work with SELinux. As suggested by Stephen Smalley [*], the relevant
uses of inode->security are wrapped in function calls that try to revalidate
invalid lab
On 10/26/2015 05:15 PM, Andreas Gruenbacher wrote:
Use path_has_perm directly instead.
This reverts:
commit 13f8e9810bff12d01807b6f92329111f45218235
Author: David Howells
Date: Thu Jun 13 23:37:55 2013 +0100
SELinux: Institute file_path_has_perm()
Create a
On 10/27/2015 02:27 PM, Andrew Perepechko wrote:
+ if (rc)
+ goto out;
+
+ rc = -ENOMEM;
+ if (count >= PAGE_SIZE - 1)
+ goto out;
Why PAGE_SIZE-1?
This is to avoid allocation of more than a single page.
Yes, but you don't need PAGE_SIZE - 1
On 10/26/2015 05:15 PM, Andreas Gruenbacher wrote:
Add functions dentry_security and inode_security for accessing
inode->i_security. These functions initially don't do much, but they
will later be used to revalidate the security labels when necessary.
Signed-off-by: Andreas Gruenbacher
On Mon, Oct 19, 2015 at 6:29 PM, Paul Moore <pmo...@redhat.com> wrote:
> On Friday, October 09, 2015 10:56:12 AM Stephen Smalley wrote:
>> On 10/07/2015 07:08 PM, Paul Moore wrote:
>> > diff --git a/ipc/kdbus/connection.c b/ipc/kdbus/connection.c
>> > index ef63d
On 10/07/2015 07:08 PM, Paul Moore wrote:
In order to effectively enforce LSM based access controls we need to
have more information about the kdbus endpoint creator than the
uid/gid currently stored in the kdbus_node_type struct. This patch
replaces the uid/gid values with a reference to the
the security label on a kdbusfs inode
Signed-off-by: Paul Moore <pmo...@redhat.com>
---
ChangeLog:
- v3
* Ported to the 4.3-rc4 based kdbus tree
- v2
* Implemented suggestions by Stephen Smalley
* call security_kdbus_conn_new() sooner
* reworked hook inside kdbus_conn_policy_ow
On 10/07/2015 07:08 PM, Paul Moore wrote:
The kdbus service names will be recorded using 'service', similar to
the existing dbus audit records.
Signed-off-by: Paul Moore
---
ChangeLog:
- v3
* Ported to the 4.3-rc4 based kdbus tree
- v2
* Initial draft
---
On 10/07/2015 07:08 PM, Paul Moore wrote:
Add the SELinux access control implementation for the new kdbus LSM
hooks using the new kdbus object class and the following permissions:
[NOTE: permissions below are based on kdbus code from Aug 2015]
* kdbus:impersonate
Send a different
e | Slack Size | Allocation Count
> ---
> 770048 |192512| 577536 | 12032
>
> At the result, this change reduce memory usage 42bytes per each
> file_security_struct
>
> Signed-off-by: Sangwoo <sangwoo2.p...
On 09/29/2015 05:03 PM, Stephen Smalley wrote:
On 09/28/2015 04:00 PM, David Howells wrote:
The attached patches provide security support for unioned files where the
security involves an object-label-based LSM (such as SELinux) rather
than a
path-based LSM.
[Note that a number of the bits
= selinux_mount,
.sb_umount =selinux_umount,
-
To unsubscribe from this list: send the line unsubscribe
linux-security-module in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
--
Stephen
,
int sig, u32 secid)
{
+ int rc;
+
+ rc = cap_task_kill(p, info, sig, secid);
+ if (rc != 0)
+ return rc;
/*
* Special cases where signals really ought to go through
* in spite of policy. Stephen Smalley suggests it may
@@ -1778,6 +1810,27
for its existence?
Looks unused now.
Similarly for some of the other security structs.
Only inode, superblock, and sock back pointers still seem to be in use.
--
Stephen Smalley
National Security Agency
submits a policy patch to register these
classes and permissions in the policy when the kernel patch is queued
for merge.
--
Stephen Smalley
National Security Agency
On Tue, 2008-01-15 at 16:03 +, David Howells wrote:
Stephen Smalley [EMAIL PROTECTED] wrote:
(3) Check that the kernel may create files as a particular secid (this
could be specified indirectly by specifying an inode, which would
hide the secid inside the LSM).
I
On Tue, 2008-01-15 at 10:10 -0800, Casey Schaufler wrote:
--- David Howells [EMAIL PROTECTED] wrote:
Stephen Smalley [EMAIL PROTECTED] wrote:
(3) Check that the kernel may create files as a particular secid (this
could be specified indirectly by specifying an inode, which
(e.g. the capability bitmaps weren't
pushed into LSM's security blobs). Or add a node to /proc/pid/attr for
it.
--
Stephen Smalley
National Security Agency
, ala:
svn co http://oss.tresys.com/repos/refpolicy/trunk refpolicy
cd refpolicy/policy/flask
vi security_classes access_vectors
add new class to end
make
make LINUX_D=/path/to/linux-2.6 tokern
Dan knows how to do that.
--
Stephen Smalley
National Security Agency
On Wed, 2008-01-09 at 18:56 +, David Howells wrote:
Stephen Smalley [EMAIL PROTECTED] wrote:
Right, the latter is reasonable.
Requires adding the class and permission definition to
policy/flask/security_classes and policy/flask/access_vectors and then
regenerating the kernel
as the message.
--
Stephen Smalley
National Security Agency
On Tue, 2007-12-18 at 19:28 -0800, Crispin Cowan wrote:
Stephen Smalley wrote:
It is if I have to maintain special pieces of code for each possible LSM.
One piece for SELinux, one piece for AppArmour, one piece for Smack, one
piece
for Casey's security system. That sounds like a pain
On Mon, 2007-12-17 at 15:56 -0500, Paul Moore wrote:
On Monday 17 December 2007 3:35:28 pm Stephen Smalley wrote:
On Fri, 2007-12-14 at 16:50 -0500, Paul Moore wrote:
This patch adds a SELinux IP address/node SID caching mechanism similar
to the sel_netif_*() functions. The node SID
On Tue, 2007-12-18 at 08:59 -0500, Paul Moore wrote:
On Monday 17 December 2007 3:05:37 pm Stephen Smalley wrote:
On Sun, 2007-12-16 at 11:47 -0500, Paul Moore wrote:
We should probably have different permissions for the interface and node
cases. Take the example of an admin who is only
mailing list.
If you no longer wish to subscribe, send mail to [EMAIL PROTECTED] with
the words unsubscribe selinux without quotes as the message.
--
Stephen Smalley
National Security Agency
On Fri, 2007-12-14 at 16:50 -0500, Paul Moore wrote:
Add a secctx_to_secid() LSM hook to go along with the existing
secid_to_secctx() LSM hook. This patch also includes the SELinux
implementation for this hook.
Acked-by: Stephen Smalley [EMAIL PROTECTED]
This one can go up anytime, as we
--
Stephen Smalley
National Security Agency
.
--
Stephen Smalley
National Security Agency
On Wed, 2007-12-12 at 22:49 +, David Howells wrote:
Stephen Smalley [EMAIL PROTECTED] wrote:
Have you example code for the security hook you mention? I'm not sure I
understand why security_secctx_to_secid() is not sufficient.
security_secctx_to_secid() would just validate
On Wed, 2007-12-12 at 22:55 +, David Howells wrote:
Stephen Smalley [EMAIL PROTECTED] wrote:
More likely, run it at build time in your .spec file to generate
cachefiles.conf,
I don't think sticking it in cachefiles.conf is a good idea necessarily.
That has to be an administrator
On Thu, 2007-12-13 at 17:01 +, David Howells wrote:
Stephen Smalley [EMAIL PROTECTED] wrote:
They would correspond with the operations provided by the /dev/cachefiles
interface, at the granularity you want to support distinctions to be made.
Can this be made simpler by the fact
On Wed, 2007-12-12 at 08:51 -0800, Casey Schaufler wrote:
--- Stephen Smalley [EMAIL PROTECTED] wrote:
On Tue, 2007-12-11 at 15:04 -0800, Casey Schaufler wrote:
--- David Howells [EMAIL PROTECTED] wrote:
Stephen Smalley [EMAIL PROTECTED] wrote:
All your code has to do
On Wed, 2007-12-12 at 18:29 +, David Howells wrote:
Stephen Smalley [EMAIL PROTECTED] wrote:
That sounds workable, although I think he will want a more specific hook
than security_secctx_to_secid(), or possibly a second hook call, that
would not only validate the context but authorize
]
--
Stephen Smalley
National Security Agency
/cachefiles.conf. Have cachefilesd read it and pass
it downward.
More likely, run it at build time in your .spec file to generate
cachefiles.conf, then run it again maybe upon a policy update or if the
user selects a different policy.
--
Stephen Smalley
National Security Agency
On Mon, 2007-12-10 at 14:26 -0800, Casey Schaufler wrote:
--- Stephen Smalley [EMAIL PROTECTED] wrote:
On Mon, 2007-12-10 at 21:08 +, David Howells wrote:
Stephen Smalley [EMAIL PROTECTED] wrote:
Otherwise, only other issue I have with this interface is it won't
generalize
On Mon, 2007-12-10 at 23:36 +, David Howells wrote:
Stephen Smalley [EMAIL PROTECTED] wrote:
From a config file whose pathname would be provided by libselinux (ala
the way in which dbusd imports contexts), or directly as a context
returned by a libselinux function.
That sounds too
,
.task_setgid = selinux_task_setgid,
--
Stephen Smalley
On Mon, 2007-12-10 at 17:07 +, David Howells wrote:
Stephen Smalley [EMAIL PROTECTED] wrote:
+ tsec-create_sid = SECINITSID_UNLABELED;
+ tsec-keycreate_sid = SECINITSID_UNLABELED;
+ tsec-sockcreate_sid = SECINITSID_UNLABELED;
Cleared means what? Setting to 0? Or is there some
On Mon, 2007-12-10 at 21:08 +, David Howells wrote:
Stephen Smalley [EMAIL PROTECTED] wrote:
Otherwise, only other issue I have with this interface is it won't
generalize to dealing with nfsd, where we want to set the acting context
to a context we obtain from or determine based upon
--
Stephen Smalley
National Security Agency
On Tue, 2007-11-27 at 16:38 -0600, Serge E. Hallyn wrote:
Quoting Stephen Smalley ([EMAIL PROTECTED]):
On Tue, 2007-11-27 at 10:11 -0600, Serge E. Hallyn wrote:
Quoting Crispin Cowan ([EMAIL PROTECTED]):
Just the name sys_hijack makes me concerned.
This post describes a bunch
and vfsmnt from the current
task_struct via the d_path() lookup function.
audit_log_task_info() is an example.
It isn't a perfect technique, but usually yields the expected answer.
But I wouldn't recommend doing that on every LSM hook call.
--
Stephen Smalley
National Security Agency
sure alarm bells went off :) bc it's definitely still worrisome. But at
this point I believe it is the safest solution suggested so far.
--
Stephen Smalley
National Security Agency
in sock_sendpage().
--
Stephen Smalley
National Security Agency
is permitted within same session */
+ if (sig == SIGCONT (task_session_nr(current)==task_session_nr(p)))
+ return 0;
+
if (secid)
/*
* Signal sent as a particular user.
--
Stephen Smalley
National Security Agency
is, if we open up to 64, how quickly
will we hit 65. Perhaps a generic bitmask is better, and then
we need a stricter type mode anyway.
--
Stephen Smalley
National Security Agency
. Of
course they could get around that by sending in a 'reasonably large'
buffer for a first try.
That's what current userland does. libselinux always tries with an
initial buffer first (and usually succeeds), thereby avoiding the second
call to getxattr in the common case.
--
Stephen Smalley
)
rc = inode-i_op-getxattr(dentry, XATTR_NAME_CAPS,
incaps, XATTR_CAPS_SZ);
else
--
Stephen Smalley
National Security Agency
for userland so that you don't need separate
versions of ls, ps, sshd, etc for Smack vs SELinux vs. whatever.
--
Stephen Smalley
National Security Agency
than a strict
subset of SELinux (MAC, label-based, should be easily emulated on top of
SELinux or via fairly simple extension to it to make such emulation
simpler or more optimal), then what isn't mergeable as a separate
security module?
--
Stephen Smalley
National Security Agency
On Wed, 2007-09-26 at 14:30 +0100, David Howells wrote:
Stephen Smalley [EMAIL PROTECTED] wrote:
Precisely when to use one identity vs. the other though isn't always
clear, and the potential for accidental divergence is also a concern.
What should auditing use in audit_filter_rules
On Wed, 2007-09-12 at 17:51 +0900, Yuichi Nakamura wrote:
Hi.
Stephen Smalley pointed out possibility of race condition
in off-list discussion.
Stephen Smalley said:
One other observation about the patch: it presently leaves open a
(small) race window in which the file could get
(unsigned long clone_flags)
{
return 0;
Regards,
--
Stephen Smalley
National Security Agency
an overhead in selinux_file_permission function.
This is a function that is called in read/write calls,
and does SELinux permission check.
SELinux checks permission both in open and read/write time.
Stephen Smalley suggested that we can usually skip permission check
in selinux_file_permission
there). So even that would
have to be encapsulated within a hook.
--
Stephen Smalley
National Security Agency
that the task's security context would have to be able to
store
acting security IDs for everything, but I don't think that's too much of a
stretch resourcewise.
--
Stephen Smalley
National Security Agency
level of context.
What was the objection again to the original interface, aside from
replacing u32 secids with void* security blobs?
--
Stephen Smalley
National Security Agency
.
--
Stephen Smalley
National Security Agency
On Sun, 2007-08-05 at 17:03 -0700, Casey Schaufler wrote:
From: Casey Schaufler [EMAIL PROTECTED]
This patch interposes LSM interfaces between the audit system
and SELinux. This helps make SELinux a cleaner LSM and clarifies
the interfaces provided by the audit system. The audit system
no
the selinux_enabled check from them, as the hook
function will only be registered if SELinux is enabled.
--
Stephen Smalley
National Security Agency
specific. Any problem with making the security_audit_rule
interfaces use a void * ? The audit code appears to be accommodating.
The struct is already opaque outside of the security module, so you can
just rename it and implement your own version of the struct in your
module.
--
Stephen Smalley
entities from writing
to the labels of trusted programs in the first place in one's policy.
--
Stephen Smalley
National Security Agency
) just to test the
security xattr namespace is a bit of a pain.
You can enable SECURITY_SELINUX in the kernel config but still have it
boot disabled by default via SECURITY_SELINUX_BOOTPARAM_VALUE=0.
--
Stephen Smalley
National Security Agency
the responsibility to the filesystems,
e.g. define some new flags for file_system_type struct that indicate the
right behavior for labeling inodes, and have the security module only
use those flags rather than needing to know about individual filesystem
types.
--
Stephen Smalley
National Security
for login/sshd and newrole.
--
Stephen Smalley
National Security Agency
On Wed, 2007-07-18 at 20:46 -0700, Casey Schaufler wrote:
--- Stephen Smalley [EMAIL PROTECTED] wrote:
On Tue, 2007-07-17 at 19:59 -0700, Casey Schaufler wrote:
- Speaking of which, are you ok with your MAC model being overridden
by
all uid 0 processes? Or do you plan
On Thu, 2007-07-19 at 08:26 -0700, Casey Schaufler wrote:
--- Stephen Smalley [EMAIL PROTECTED] wrote:
On Wed, 2007-07-18 at 18:15 -0700, Casey Schaufler wrote:
--- Joshua Brindle [EMAIL PROTECTED] wrote:
Casey Schaufler wrote:
...
I do have a hackish newsmack
an existing one.
Obviously those key hooks need to be filled in (or dropped).
--
Stephen Smalley
National Security Agency
succeeded? Could you do an ls -i on /bin/ping and
~/ping before and after the copy to make sure? Or just echo $? after
the cp?
--
Stephen Smalley
National Security Agency
On Wed, 2007-07-18 at 14:03 -0400, Stephen Smalley wrote:
On Wed, 2007-07-18 at 12:53 -0500, Serge E. Hallyn wrote:
Quoting Andrew Morgan ([EMAIL PROTECTED]):
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Serge,
I spent the evening getting my local build of libcap (building
= current-security;
+ return 0;
+}
And if the socket outlives the task?
--
Stephen Smalley
National Security Agency
On Mon, 2007-07-16 at 07:41 -0700, Casey Schaufler wrote:
--- Stephen Smalley [EMAIL PROTECTED] wrote:
On Sat, 2007-07-14 at 14:47 -0700, Casey Schaufler wrote:
The patch exceeds the 40k size rule, coming in at about 100k.
I would be happy to send the patch to anyone who has trouble
On Mon, 2007-07-16 at 08:32 -0700, Casey Schaufler wrote:
--- Stephen Smalley [EMAIL PROTECTED] wrote:
On Mon, 2007-07-16 at 07:41 -0700, Casey Schaufler wrote:
--- Stephen Smalley [EMAIL PROTECTED] wrote:
On Sat, 2007-07-14 at 14:47 -0700, Casey Schaufler wrote:
The patch
security module back in 2004, Andrew
Morton indicated that acceptance of any new code into mainline requires
that it have a real user base:
http://marc.info/?l=linux-kernel&m=109717928411882&w=2
--
Stephen Smalley
National Security Agency
On Wed, 2007-07-11 at 10:30 -0700, Casey Schaufler wrote:
--- Stephen Smalley [EMAIL PROTECTED] wrote:
On Wed, 2007-07-11 at 08:54 +0900, Kazuki Omo(Company) wrote:
Dear, Sir,
Sorry for my poorly English. I've just wanted to make sure the process
how can we put other security
not be authorized to access the file anymore, even via an already
opened descriptor.
--
Stephen Smalley
National Security Agency
On Thu, 2007-06-21 at 23:17 +0200, Lars Marowsky-Bree wrote:
On 2007-06-21T16:59:54, Stephen Smalley [EMAIL PROTECTED] wrote:
Or can access the data under a different path to which their profile
does give them access, whether in its final destination or in some
temporary file processed
authorizations to access multiple kinds of information with differing
security requirements without compromising those security requirements.
--
Stephen Smalley
National Security Agency
On Fri, 2007-06-22 at 01:06 -0700, John Johansen wrote:
On Thu, Jun 21, 2007 at 04:59:54PM -0400, Stephen Smalley wrote:
On Thu, 2007-06-21 at 21:54 +0200, Lars Marowsky-Bree wrote:
On 2007-06-21T15:42:28, James Morris [EMAIL PROTECTED] wrote:
And now, yes, I know AA doesn't
On Fri, 2007-06-22 at 13:37 +0200, Lars Marowsky-Bree wrote:
On 2007-06-22T07:19:39, Stephen Smalley [EMAIL PROTECTED] wrote:
Or can access the data under a different path to which their profile
does give them access, whether in its final destination or in some
temporary file
On Fri, 2007-06-22 at 14:42 +0200, Lars Marowsky-Bree wrote:
On 2007-06-22T07:53:47, Stephen Smalley [EMAIL PROTECTED] wrote:
No the incomplete mediation does not flow from the design. We have
deliberately focused on doing the necessary modifications for pathname
based mediation
files via that path, but
showing that it can never read or write your mail is a rather different
matter.
--
Stephen Smalley
National Security Agency
and fair-minded comparison.
--
Stephen Smalley
National Security Agency
real requirement but merely because they
are tied to their implementation specifics.
--
Stephen Smalley
National Security Agency
kernel code at all. The
configuration language for SELinux is quite flexible.
--
Stephen Smalley
National Security Agency