Security Enhanced Linux
What's New
Frequently Asked Questions
Background
Documents
License
Download
Participating
Mail List
Archives
Remaining Work
Contributors
Related Work
Press Releases
Information Assurance Research
NIARL In-house Research Areas
Mathematical Sciences Program
Sabbaticals
Computer & Information Sciences Research
Technology Transfer
Advanced Computing
Advanced Mathematics
Communications & Networking
Information Processing
Microelectronics
Other Technologies
Technology Fact Sheets
Publications
Related Links
|
SELinux Mailing ListRe: [Xen-devel] protecting xen startup
From: Luke Kenneth Casson Leighton <lkcl_at_lkcl.net>
Date: Wed, 24 Nov 2004 00:18:47 +0000
i'll take that as a challenge, then :)
> Xend makes concurrency control much easier, provides a central point of okay. assuming that 1) i don't want a central point of contact i only want _one_ point of contact and 2) i can live without virtual consoles until i understand the code enough and can get away with using ssh logins instead: would this be a simple enough task for someone not entirely familiar with xen's code [but who has developed a number of 20k+ line python projects over the past four years]?
> >>Not exactly. At the Linux Level, there aren't any extra Xen system calls. [which, please excuse me for saying so, doesn't exactly help if that root-only interface is then exposed via an open high port number!! :) ]
> Also, many Xen i was thinking of adding in an LSM hook function that received the ioctl number as one of its arguments, translated that in a case statement into the corresponding selinux SIDs, and from there checked an selinux permission - in a similar way that security/selinux/hooks.c's selinux_file_ioctl() or the selinux_file_fcntl() function operates. i.e. not using file_has_perm() but task_has_perm() instead. then the first thing that the xen ioctl function does is call that LSM hook function. it would therefore also be possible for someone else to write a corresponding LSM linux capabilities function call, too. should someone so wish. l. -- -- <a href="http://lkcl.net">http://lkcl.net</a> -- -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.Received on Tue 23 Nov 2004 - 19:08:08 EST |
|
Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009 |