On Thu, 8 Mar 2018, Daniel Walsh wrote:
> I am not a big fan of Namespaced SELinux. I think it complicates things and
> will confuse people. I would think a better solution would be to run your
> container with a different type so that you could allow access t othese file
> types.
>
> It would
On Wed, Mar 7, 2018 at 4:05 PM, James Carter wrote:
> Nicolas Iooss reports:
> In sepol_ibendport_key_create(), if sepol_ibendport_alloc_ibdev_name()
> fails to allocate tmp_key->ibdev_name, sepol_ibendport_key_free() is
> called to free the memory associated with tmp_key,
On 03/08/2018 03:42 PM, Nicolas Iooss wrote:
> On Tue, Mar 6, 2018 at 10:29 PM, Stephen Smalley wrote:
>> On 03/05/2018 05:58 PM, Nicolas Iooss wrote:
>>> cil_tree_print_expr() calls cil_expr_to_string() in order to compute a
>>> string expression into expr_str. If this
On 03/08/2018 10:11 AM, David Miller wrote:
Yeah, understood. At small scale the current behavior maybe made
sense, but these days it really doesn't.
No objections to the knob if you want to submit it.
Thanks David, I have rebased my patch and sent it.
New numbers on net-next are
On Thu, Mar 8, 2018 at 8:34 PM, Stephen Smalley wrote:
> On 03/06/2018 04:19 PM, Stephen Smalley wrote:
>> On 03/05/2018 05:16 PM, Nicolas Iooss wrote:
>>> libselinux and libsemanage Makefiles invoke site.getsitepackages() in
>>> order to get the path to the directory
On Tue, Mar 6, 2018 at 10:29 PM, Stephen Smalley wrote:
> On 03/05/2018 05:58 PM, Nicolas Iooss wrote:
>> cil_tree_print_expr() calls cil_expr_to_string() in order to compute a
>> string expression into expr_str. If this function fails, expr_str is
>> left unitialized but its
On 03/07/2018 09:59 AM, Stephen Smalley wrote:
> On 03/06/2018 06:58 AM, Vit Mojzis wrote:
>> access() uses real UID instead of effective UID which causes false
>> negative checks in setuid programs.
>> Replace access(,F_OK) (i.e. tests for file existence) by stat().
>> And access(,R_OK) by
Export the sepol_polcap_getnum/name() functions to users of
the shared library. This will enable SETools to stop depending
on the static library.
Note that we may want to move polcaps.h up one level since
the convention is that headers directly under include/sepol are
shared library APIs while
On 03/06/2018 06:58 AM, Vit Mojzis wrote:
> F_OK access checks only work properly as long as all directories along
> the path are accessible to real user running the program.
> Replace F_OK access checks by testing return value of open, write, etc.
Applied patches 1 and 2 (not 3 as per my
On 03/05/2018 05:58 PM, Nicolas Iooss wrote:
> clang's static analyzer reports an out-of-bound array access in
> semanage_user_roles() when num_roles is zero, with the following
> statement:
>
> strcpy(roles,roles_arr[0]);
>
> When num_roles is zero, roles_arr[0] is not uninitialized and
On 03/06/2018 04:19 PM, Stephen Smalley wrote:
> On 03/05/2018 05:16 PM, Nicolas Iooss wrote:
>> libselinux and libsemanage Makefiles invoke site.getsitepackages() in
>> order to get the path to the directory /usr/lib/pythonX.Y/site-packages
>> that matches the Python interpreter chosen with
From: Eric Dumazet
Date: Thu, 8 Mar 2018 10:05:12 -0800
> Another problematic legacy behavior is the automatic creation of
> fallback tunnels, which hurts netns creation/deletion.
>
> Some environments want to create a netns for every job/task, and they
> do not care if
On 03/08/2018 09:34 AM, David Miller wrote:
From: Stephen Hemminger
Date: Tue, 6 Mar 2018 15:59:20 -0800
Actually dev_load by ethernet name is really a legacy thing that
should just die,
It was kept around so that some very tunnel configuration using special
From: Stephen Hemminger
Date: Tue, 6 Mar 2018 15:59:20 -0800
> Actually dev_load by ethernet name is really a legacy thing that
> should just die,
>
> It was kept around so that some very tunnel configuration using special names.
>
> # ifconfig sit0
>
> which
On 03/08/2018 01:20 PM, Stephen Smalley wrote:
On 03/08/2018 05:55 AM, Zvonko Kosic wrote:
I've seen the presentation by James Morrison about namespacing SELinux and I
have a question regarding a special case we have in our environment.
We have third party prestart runtime hooks for docker
On 03/08/2018 05:55 AM, Zvonko Kosic wrote:
> I've seen the presentation by James Morrison about namespacing SELinux and I
> have a question regarding a special case we have in our environment.
>
> We have third party prestart runtime hooks for docker which bind mount
> files from the host
Subject: [PATCH 4/8] LSM: Manage task security blobs
Move management of task security blobs into the security
infrastructure. Modules are required to identify the space
they require. At this time there are no modules that use
task blobs.
Signed-off-by: Casey Schaufler
Subject: [PATCH 5/8] LSM: Manage remaining security blobs
Move management of the inode, ipc, key, msg_msg, sock and superblock
security blobs from the security modules to the infrastructure.
Use of the blob pointers is abstracted in the security modules.
Signed-off-by: Casey Schaufler
Subject: [PATCH 2/8] LSM: Manage credential security blobs
Move the management of credential security blobs from the
individual security modules to the security infrastructure.
The security modules using credential blobs have been updated
accordingly. Modules are required to identify the space
Subject: [PATCH 3/8] LSM: Manage file security blobs
Move the management of file security blobs from the individual
security modules to the security infrastructure. The security modules
using file blobs have been updated accordingly. Modules are required
to identify the space they need at module
Subject: [PATCH 8/8] LSM: Full security module stacking
Allow any combination of existing security modules,
including those using secids and security marked networking.
The interfaces used by filesystems to maintain security
attributes:
security_inode_setsecctx
Subject: [PATCH 1/8] procfs: add smack subdir to attrs
Back in 2007 I made what turned out to be a rather serious
mistake in the implementation of the Smack security module.
The SELinux module used an interface in /proc to manipulate
the security context on processes. Rather than use a similar
Subject: [PATCH 6/8] LSM: General stacking
Leverage the infrastructure management of the security blobs
to allow stacking of security modules in all but the most
extreme case. Security modules are informed of the location
of their data within the blobs at module initialization.
Stacking is
Subject: [PATCH 7/8] LSM: Multiple security mount options
There needs to be separate data for each of the
security modules that support mount options.
Expand the security_mnt_opts structure to include
an entry for each security module that uses them.
It would be better to have a variable size
Subject: [PATCH 0/8] LSM: Security module stacking
Move the management of Linux Security Module (LSM) data blobs
out of the individual modules and into the LSM infrastructure.
The modules are now required to declare how much space they need
for each sort of blob used. This will allow modules that
I've seen the presentation by James Morrison about namespacing SELinux and
I have a question regarding a special case we have in our environment.
We have third party prestart runtime hooks for docker which bind mount
files from the host into the container image, which have the wrong label.
To
26 matches
Mail list logo