SELinux Mailing List - NSA/CSS

Skip All Menus Skip Top Menu

Top Navigation Menus

Skip Research Menus

Research Menu

Research Security Enhanced Linux What's New Frequently Asked Questions Background Documents License Download Participating Mail List Archives Remaining Work Contributors Related Work Press Releases Information Assurance Research NIARL In-house Research Areas Mathematical Sciences Program Sabbaticals Computer & Information Sciences Research Technology Transfer Advanced Computing Advanced Mathematics Communications & Networking Information Processing Microelectronics Other Technologies Technology Fact Sheets Publications Related Links	Skip Search Box Searchbox SELinux Mailing List Re: [PATCH 08/28] SECURITY: Allow kernel services to override LSM settings for task actions [try #2] This message: [ Message body ] [ More options ] Related messages: [ Next message ] [ Previous message ] [ In reply to ] [ Next in thread ] [ Replies ] From: Casey Schaufler <casey_at_schaufler-ca.com> Date: Mon, 10 Dec 2007 15:46:59 -0800 (PST) David Howells <dhowells@redhat.com> wrote: > Stephen Smalley <sds@tycho.nsa.gov> wrote: > > > From a config file whose pathname would be provided by libselinux (ala > > the way in which dbusd imports contexts), or directly as a context > > returned by a libselinux function. > > That sounds too SELinux specific. How do I do it so that it works for any *> LSM?* > > Is linking against libselinux is a viable option if it's not available under > all LSM models? Is it available under all LSM models? Perhaps Casey can > answer this one. Linking against libselinux is not now, nor will it ever be, a viable option. There's just too much sophistication contained in libselinux for us simple folk to deal with. > > > I use to do that, but someone objected... Possibly Karl MacMillan. > > > > Yes, but I think I disagreed then too. > > So, who's right? Me! (smiley inserted here, for those in need) > > It doesn't fit with how other users of security_kernel_act_as() will > > likely want to work (they will want to just set the context to a > > specified value, whether one obtained from the client or from some local > > source), nor with how type transitions normally work (exec, with the > > program type as the second type field). I think it will just cause > > confusion and subtle breakage. > > It's causing me lots of confusion as it is. I have been / am being told by > different people to do different things just in dealing with SELinux, and > various people are raising extra requirements or restrictions beyond that. > There doesn't seem to be a consensus. > > It sounds like the best option is just to have the kernel nick the userspace > daemon's security context and use that as is, and junk all the restrictions > on > what the daemon can do so that the kernel isn't too restricted. That would be consistant with the (perhaps archaic now) behavior of nfsd on Unix, which did nothing but "lend it's credential" to the underlying kernel code. I think it's a rational approach, although I expect that in may have troubles under SELinux. Casey Schaufler casey@schaufler-ca.com -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. Received on Mon 10 Dec 2007 - 18:47:09 EST This message: [ Message body ] Next message: Casey Schaufler: "Re: [PATCH 08/28] SECURITY: Allow kernel services to override LSM settings for task actions [try #2]" Previous message: David Howells: "Re: [PATCH 08/28] SECURITY: Allow kernel services to override LSM settings for task actions [try #2]" In reply to: David Howells: "Re: [PATCH 08/28] SECURITY: Allow kernel services to override LSM settings for task actions [try #2]" Next in thread: Stephen Smalley: "Re: [PATCH 08/28] SECURITY: Allow kernel services to override LSM settings for task actions [try #2]" Reply: Stephen Smalley: "Re: [PATCH 08/28] SECURITY: Allow kernel services to override LSM settings for task actions [try #2]" Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]
	Date Posted: Jan 15, 2009 \| Last Modified: Jan 15, 2009 \| Last Reviewed: Jan 15, 2009

bottom