SELinux Mailing List

Re: [PATCH] context based audit filtering (take 3)
From: Stephen Smalley <sds_at_epoch.ncsc.mil>
Date: Wed, 22 Feb 2006 09:46:32 -0500
I'd drop these wrapper functions, and just name the underlying functions in services.c with the exported names (i.e. selinux_ prefix). The use of security_ prefix in the SELinux code should likely be converted in general to selinux_ (via separate patch) along with other namespace cleanups; it is a legacy of when SELinux was a kernel patch and there was no LSM.
> diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c

Let's move this into a helper in mls.c with a nicer interface, similar to what Ivan has done in libsepol (mls_from_string).

> +int security_aurule_match(u32 ctxid, u32 field, u32 op,

Should this be an error?

> + ctxt = sidtab_search(&sidtab, ctxid);

Should we be using printk(KERN_ERR...) or audit_log(...AUDIT_SELINUX_ERR) for SELinux errors for all new code?

> + case AUDIT_LESS_THAN:

I'm not clear as to why we truly need both sets of operators in the audit filters (<= n versus just < (n+1)), but that is unrelated to SELinux per se.

I take it that you either decided against leveraging the constraint code or haven't looked at that option yet? IOW, convert an audit filter to a constraint expression when the rule is initialized, and later just call a common helper shared with constraint_expr_eval?

> +static int (*aurule_callback)(void) = NULL;

Hmm...on an error return, we will stop walking the callback list presently on avc_ss_reset, which could prevent other callbacks (like the netif one) from occurring. Likely should change that.

--
Stephen Smalley
National Security Agency

Received on Wed 22 Feb 2006 - 09:41:08 EST
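Review bot: the explicit `= NULL` initializer on `static int (*aurule_callback)(void)` is redundant, since file-scope statics are zero-initialized, and kernel coding style (checkpatch) rejects initialising statics to 0 or NULL; suggest `static int (*aurule_callback)(void);`.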
Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009